@lap v0.3 # Machine-readable API spec. Each @endpoint block is one API call. @api Datadog API V2 Collection @base https://api.datadoghq.com @version 1.0 @auth OAuth2 | ApiKey DD-API-KEY in header | ApiKey DD-APPLICATION-KEY in header | Bearer bearer @endpoints 937 @hint download_for_search @toc api(937) @endpoint GET /api/unstable/fleet/agent_versions @desc List all available Agent versions @returns(200) {data: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/unstable/fleet/agents @desc List all Datadog Agents @optional {page_number: int(int64)=0 # Page number for pagination (starts at 0)., page_size: int(int64)=10 # Number of results per page (must be greater than 0 and less than or equal to 100)., sort_attribute: str # Attribute to sort by., sort_descending: bool # Sort order (true for descending, false for ascending)., tags: str # Comma-separated list of tags to filter agents., filter: str # Filter string for narrowing down agent results.} @returns(200) {data: map{attributes: map{agents: [map]}, id: str, type: str}, meta: map{total_filtered_count: int(int64)}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/unstable/fleet/agents/{agent_key} @desc Get detailed information about an agent @required {agent_key: str # The unique identifier (agent key) for the Datadog Agent.} @returns(200) {data: map{attributes: map{agent_infos: map{agent_version: str, api_key_name: str, api_key_uuid: str, cloud_provider: str, cluster_name: str, datadog_agent_key: str, enabled_products: [str], env: [str], first_seen_at: int(int64), hostname: str, hostname_aliases: [str], install_method_installer_version: str, install_method_tool: str, ip_addresses: [str], is_single_step_instrumentation_enabled: bool, last_restart_at: int(int64), os: str, os_version: str, otel_collector_version: str, otel_collector_versions: [str], otel_collectors: [map], pod_name: str, python_version: str, region: [str], remote_agent_management: str, remote_config_status: str, services: [str], tags: [str], team: str}, configuration_files: map{compiled_configuration: str, env_configuration: str, file_configuration: str, parsed_configuration: str, remote_configuration: str, runtime_configuration: str}, detected_integrations: [map], integrations: map{configuration_files: [map], datadog_agent_key: str, error_integrations: [map], missing_integrations: [map], warning_integrations: [map], working_integrations: [map]}}, id: str, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/unstable/fleet/deployments @desc List all deployments @optional {page_size: int(int64)=10 # Number of deployments to return per page. Maximum value is 100., page_offset: int(int64)=0 # Index of the first deployment to return. Use this with `page_size` to paginate through results.} @returns(200) {data: [map], meta: map{page: map{total_count: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/unstable/fleet/deployments/configure @desc Create a configuration deployment @required {data: map{attributes!: map, type!: str} # Data for creating a new configuration deployment.} @returns(201) {data: map{attributes: map{config_operations: [map], estimated_end_time_unix: int(int64), filter_query: str, high_level_status: str, hosts: [map], packages: [map], total_hosts: int(int64)}, id: str, type: str}, meta: map{hosts: map{current_page: int(int64), page_size: int(int64), total_hosts: int(int64), total_pages: int(int64)}}} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @example_request {"data":{"attributes":{"config_operations":[{"file_op":"merge-patch","file_path":"/conf.d/postgres.d/logs.yaml","patch":{"logs":[{"path":"/var/log/postgres.log","service":"postgres1","source":"postgres","type":"file"}]}},{"file_op":"merge-patch","file_path":"/conf.d/kafka.d/logs.yaml","patch":{"logs":[{"path":"/var/log/kafka.log","service":"kafka1","source":"kafka","type":"file"}]}}],"filter_query":"env:prod"},"type":"deployment"}} @endpoint POST /api/unstable/fleet/deployments/upgrade @desc Upgrade hosts @required {data: map{attributes!: map, type!: str} # Data for creating a new package upgrade deployment.} @returns(201) {data: map{attributes: map{config_operations: [map], estimated_end_time_unix: int(int64), filter_query: str, high_level_status: str, hosts: [map], packages: [map], total_hosts: int(int64)}, id: str, type: str}, meta: map{hosts: map{current_page: int(int64), page_size: int(int64), total_hosts: int(int64), total_pages: int(int64)}}} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @example_request {"data":{"attributes":{"filter_query":"env:prod AND service:web","target_packages":[{"name":"datadog-agent","version":"7.52.0"}]},"type":"deployment"}} @endpoint GET /api/unstable/fleet/deployments/{deployment_id} @desc Get a configuration deployment by ID @required {deployment_id: str # The unique identifier of the deployment to retrieve.} @optional {limit: int(int64)=50 # Maximum number of hosts to return per page. Default is 50, maximum is 100., page: int(int64)=0 # Page index for pagination (zero-based). Use this to retrieve subsequent pages of hosts.} @returns(200) {data: map{attributes: map{config_operations: [map], estimated_end_time_unix: int(int64), filter_query: str, high_level_status: str, hosts: [map], packages: [map], total_hosts: int(int64)}, id: str, type: str}, meta: map{hosts: map{current_page: int(int64), page_size: int(int64), total_hosts: int(int64), total_pages: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/unstable/fleet/deployments/{deployment_id}/cancel @desc Cancel a deployment @required {deployment_id: str # The unique identifier of the deployment to cancel.} @returns(204) Deployment successfully canceled. @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/unstable/fleet/schedules @desc List all schedules @returns(200) {data: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/unstable/fleet/schedules @desc Create a schedule @required {data: map{attributes!: map, type!: str} # Data for creating a new schedule.} @returns(201) {data: map{attributes: map{created_at_unix: int(int64), created_by: str, name: str, query: str, rule: map{days_of_week: [str], maintenance_window_duration: int(int64), start_maintenance_window: str, timezone: str}, status: str, updated_at_unix: int(int64), updated_by: str, version_to_latest: int(int64)}, id: str, type: str}} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @example_request {"data":{"attributes":{"name":"Staging Environment - Conservative Updates","query":"env:staging","rule":{"days_of_week":["Fri"],"maintenance_window_duration":240,"start_maintenance_window":"22:00","timezone":"UTC"},"status":"active","version_to_latest":1},"type":"schedule"}} @endpoint DELETE /api/unstable/fleet/schedules/{id} @desc Delete a schedule @required {id: str # The unique identifier of the schedule to delete.} @returns(204) Schedule successfully deleted. @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/unstable/fleet/schedules/{id} @desc Get a schedule by ID @required {id: str # The unique identifier of the schedule to retrieve.} @returns(200) {data: map{attributes: map{created_at_unix: int(int64), created_by: str, name: str, query: str, rule: map{days_of_week: [str], maintenance_window_duration: int(int64), start_maintenance_window: str, timezone: str}, status: str, updated_at_unix: int(int64), updated_by: str, version_to_latest: int(int64)}, id: str, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/unstable/fleet/schedules/{id} @desc Update a schedule @required {id: str # The unique identifier of the schedule to update., data: map{attributes: map, type!: str} # Data for partially updating a schedule.} @returns(200) {data: map{attributes: map{created_at_unix: int(int64), created_by: str, name: str, query: str, rule: map{days_of_week: [str], maintenance_window_duration: int(int64), start_maintenance_window: str, timezone: str}, status: str, updated_at_unix: int(int64), updated_by: str, version_to_latest: int(int64)}, id: str, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @example_request {"data":{"attributes":{"rule":{"days_of_week":["Mon","Wed","Fri"],"maintenance_window_duration":240,"start_maintenance_window":"03:00","timezone":"America/New_York"}},"type":"schedule"}} @endpoint POST /api/unstable/fleet/schedules/{id}/trigger @desc Trigger a schedule deployment @required {id: str # The unique identifier of the schedule to trigger.} @returns(201) {data: map{attributes: map{config_operations: [map], estimated_end_time_unix: int(int64), filter_query: str, high_level_status: str, hosts: [map], packages: [map], total_hosts: int(int64)}, id: str, type: str}, meta: map{hosts: map{current_page: int(int64), page_size: int(int64), total_hosts: int(int64), total_pages: int(int64)}}} # CREATED - Deployment successfully created and started. @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/actions-datastores @desc List datastores @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/actions-datastores @desc Create datastore @optional {data: map{attributes: map, id: str, type!: str} # Data wrapper containing the configuration needed to create a new datastore.} @returns(200) {data: map{id: str, type: str}} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint DELETE /api/v2/actions-datastores/{datastore_id} @desc Delete datastore @required {datastore_id: str # The unique identifier of the datastore to retrieve.} @returns(200) OK @errors {400: Bad Request, 429: Too many requests} @endpoint GET /api/v2/actions-datastores/{datastore_id} @desc Get datastore @required {datastore_id: str # The unique identifier of the datastore to retrieve.} @returns(200) {data: map{attributes: map{created_at: str(date-time), creator_user_id: int(int64), creator_user_uuid: str, description: str, modified_at: str(date-time), name: str, org_id: int(int64), primary_column_name: str, primary_key_generation_strategy: str}, id: str, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/actions-datastores/{datastore_id} @desc Update datastore @required {datastore_id: str # The unique identifier of the datastore to retrieve.} @optional {data: map{attributes: map, id: str, type!: str} # Data wrapper containing the datastore identifier and the attributes to update.} @returns(200) {data: map{attributes: map{created_at: str(date-time), creator_user_id: int(int64), creator_user_uuid: str, description: str, modified_at: str(date-time), name: str, org_id: int(int64), primary_column_name: str, primary_key_generation_strategy: str}, id: str, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/actions-datastores/{datastore_id}/items @desc Delete datastore item @required {datastore_id: str # The unique identifier of the datastore to retrieve.} @optional {data: map{attributes: map, type!: str} # Data wrapper containing the information needed to identify and delete a specific datastore item.} @returns(200) {data: map{id: str, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/actions-datastores/{datastore_id}/items @desc List datastore items @required {datastore_id: str # The unique identifier of the datastore to retrieve.} @optional {filter: str # Optional query filter to search items using the [logs search syntax](https://docs.datadoghq.com/logs/explorer/search_syntax/)., item_key: str # Optional primary key value to retrieve a specific item. Cannot be used together with the filter parameter., page[limit]: int(int64) # Optional field to limit the number of items to return per page for pagination. Up to 100 items can be returned per page., page[offset]: int(int64) # Optional field to offset the number of items to skip from the beginning of the result set for pagination., sort: str # Optional field to sort results by. Prefix with '-' for descending order (e.g., '-created_at').} @returns(200) {data: [map], meta: map{page: map{hasMore: bool, totalCount: int(int64), totalFilteredCount: int(int64)}, schema: map{fields: [map], primary_key: str}}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/actions-datastores/{datastore_id}/items @desc Update datastore item @required {datastore_id: str # The unique identifier of the datastore to retrieve.} @optional {data: map{attributes: map, id: str, type!: str} # Data wrapper containing the item identifier and the changes to apply during the update operation.} @returns(200) {data: map{attributes: map{created_at: str(date-time), modified_at: str(date-time), org_id: int(int64), primary_column_name: str, signature: str, store_id: str, value: map}, id: str, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/actions-datastores/{datastore_id}/items/bulk @desc Bulk delete datastore items @required {datastore_id: str # The ID of the datastore.} @optional {data: map{attributes: map, id: str, type!: str} # Data wrapper containing the data needed to delete items from a datastore.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests, 500: Internal Server Error} @endpoint POST /api/v2/actions-datastores/{datastore_id}/items/bulk @desc Bulk write datastore items @required {datastore_id: str # The unique identifier of the datastore to retrieve.} @optional {data: map{attributes: map, type!: str} # Data wrapper containing the items to insert and their configuration for the bulk insert operation.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/actions/app_key_registrations @desc List App Key Registrations @optional {page[size]: int(int64) # The number of App Key Registrations to return per page., page[number]: int(int64) # The page number to return.} @returns(200) {data: [map], meta: map{total: int(int64), total_filtered: int(int64)}} # OK @errors {400: Bad request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/actions/app_key_registrations/{app_key_id} @desc Unregister an App Key @required {app_key_id: str # The ID of the app key} @returns(204) No Content @errors {400: Bad request, 403: Forbidden, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/actions/app_key_registrations/{app_key_id} @desc Get an existing App Key Registration @required {app_key_id: str # The ID of the app key} @returns(200) {data: map{id: str(uuid), type: str}} # OK @errors {400: Bad request, 403: Forbidden, 404: Not found, 429: Too many requests} @endpoint PUT /api/v2/actions/app_key_registrations/{app_key_id} @desc Register a new App Key @required {app_key_id: str # The ID of the app key} @returns(201) {data: map{id: str(uuid), type: str}} # Created @errors {400: Bad request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/actions/connections @desc Create a new Action Connection @required {data: map{attributes!: map, id: str, type!: str} # Data related to the connection.} @returns(201) {data: map{attributes: map{integration: any, name: str}, id: str, type: str}} # Successfully created Action Connection @errors {400: Bad Request, 403: Forbidden, 429: Too Many Request} @endpoint DELETE /api/v2/actions/connections/{connection_id} @desc Delete an existing Action Connection @required {connection_id: str # The ID of the action connection} @returns(204) The resource was deleted successfully. @errors {403: Forbidden, 404: Not Found, 429: Too Many Request} @endpoint GET /api/v2/actions/connections/{connection_id} @desc Get an existing Action Connection @required {connection_id: str # The ID of the action connection} @returns(200) {data: map{attributes: map{integration: any, name: str}, id: str, type: str}} # Successfully get Action Connection @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too Many Request} @endpoint PATCH /api/v2/actions/connections/{connection_id} @desc Update an existing Action Connection @required {connection_id: str # The ID of the action connection, data: map{attributes!: map, type!: str} # Data related to the connection update.} @returns(200) {data: map{attributes: map{integration: any, name: str}, id: str, type: str}} # Successfully updated Action Connection @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too Many Request} @endpoint GET /api/v2/agentless_scanning/accounts/aws @desc List AWS scan options @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/agentless_scanning/accounts/aws @desc Create AWS scan options @required {data: map{attributes!: map, id!: str, type!: str} # Object for the scan options of a single AWS account.} @returns(201) {data: map{attributes: map{lambda: bool, sensitive_data: bool, vuln_containers_os: bool, vuln_host_os: bool}, id: str, type: str}} # Agentless scan options enabled successfully. @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/agentless_scanning/accounts/aws/{account_id} @desc Delete AWS scan options @required {account_id: str # The ID of an AWS account.} @returns(204) No Content @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/agentless_scanning/accounts/aws/{account_id} @desc Get AWS scan options @required {account_id: str # The ID of an AWS account.} @returns(200) {data: map{attributes: map{lambda: bool, sensitive_data: bool, vuln_containers_os: bool, vuln_host_os: bool}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/agentless_scanning/accounts/aws/{account_id} @desc Update AWS scan options @required {account_id: str # The ID of an AWS account., data: map{attributes!: map, id!: str, type!: str} # Object for the scan options of a single AWS account.} @returns(204) No Content @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/agentless_scanning/accounts/azure @desc List Azure scan options @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/agentless_scanning/accounts/azure @desc Create Azure scan options @optional {data: map{attributes: map, id!: str, type!: str} # Single Azure scan options entry.} @returns(201) {data: map{attributes: map{vuln_containers_os: bool, vuln_host_os: bool}, id: str, type: str}} # Created @errors {429: Too many requests} @endpoint DELETE /api/v2/agentless_scanning/accounts/azure/{subscription_id} @desc Delete Azure scan options @required {subscription_id: str # The Azure subscription ID.} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/agentless_scanning/accounts/azure/{subscription_id} @desc Get Azure scan options @required {subscription_id: str # The Azure subscription ID.} @returns(200) {data: map{attributes: map{vuln_containers_os: bool, vuln_host_os: bool}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/agentless_scanning/accounts/azure/{subscription_id} @desc Update Azure scan options @required {subscription_id: str # The Azure subscription ID.} @optional {data: map{attributes: map, id!: str, type!: str} # Data object for updating the scan options of a single Azure subscription.} @returns(200) {data: map{attributes: map{vuln_containers_os: bool, vuln_host_os: bool}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint GET /api/v2/agentless_scanning/accounts/gcp @desc List GCP scan options @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/agentless_scanning/accounts/gcp @desc Create GCP scan options @optional {data: map{attributes: map, id!: str, type!: str} # Single GCP scan options entry.} @returns(201) {data: map{attributes: map{vuln_containers_os: bool, vuln_host_os: bool}, id: str, type: str}} # Agentless scan options enabled successfully. @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/agentless_scanning/accounts/gcp/{project_id} @desc Delete GCP scan options @required {project_id: str # The GCP project ID.} @returns(204) No Content @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/agentless_scanning/accounts/gcp/{project_id} @desc Get GCP scan options @required {project_id: str # The GCP project ID.} @returns(200) {data: map{attributes: map{vuln_containers_os: bool, vuln_host_os: bool}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/agentless_scanning/accounts/gcp/{project_id} @desc Update GCP scan options @required {project_id: str # The GCP project ID.} @optional {data: map{attributes: map, id!: str, type!: str} # Data object for updating the scan options of a single GCP project.} @returns(200) {data: map{attributes: map{vuln_containers_os: bool, vuln_host_os: bool}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/agentless_scanning/ondemand/aws @desc List AWS on demand tasks @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/agentless_scanning/ondemand/aws @desc Create AWS on demand task @required {data: map{attributes!: map, type!: str} # Object for a single AWS on demand task.} @returns(201) {data: map{attributes: map{arn: str, assigned_at: str, created_at: str, status: str}, id: str, type: str}} # AWS on demand task created successfully. @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/agentless_scanning/ondemand/aws/{task_id} @desc Get AWS on demand task @required {task_id: str # The UUID of the task.} @returns(200) {data: map{attributes: map{arn: str, assigned_at: str, created_at: str, status: str}, id: str, type: str}} # OK. @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/api_keys @desc Get all API keys @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort: str # API key attribute used to sort results. Sort order is ascending by default. In order to specify a descending sort, prefix the attribute with a minus sign., filter: str # Filter API keys by the specified string., filter[created_at][start]: str # Only include API keys created on or after the specified date., filter[created_at][end]: str # Only include API keys created on or before the specified date., filter[modified_at][start]: str # Only include API keys modified on or after the specified date., filter[modified_at][end]: str # Only include API keys modified on or before the specified date., include: str # Comma separated list of resource paths for related resources to include in the response. Supported resource paths are `created_by` and `modified_by`., filter[remote_config_read_enabled]: bool # Filter API keys by remote config read enabled status., filter[category]: str # Filter API keys by category.} @returns(200) {data: [map], included: [any], meta: map{max_allowed: int(int64), page: map{total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/api_keys @desc Create an API key @required {data: map{attributes!: map, type!: str} # Object used to create an API key.} @returns(201) {data: map{attributes: map{category: str, created_at: str(date-time), date_last_used: str(date-time)?, key: str, last4: str, modified_at: str(date-time), name: str, remote_config_read_enabled: bool}, id: str, relationships: map{created_by: map{data: map}, modified_by: map?{data: map?}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/api_keys/{api_key_id} @desc Delete an API key @required {api_key_id: str # The ID of the API key.} @returns(204) No Content @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/api_keys/{api_key_id} @desc Get API key @required {api_key_id: str # The ID of the API key.} @optional {include: str # Comma separated list of resource paths for related resources to include in the response. Supported resource paths are `created_by` and `modified_by`.} @returns(200) {data: map{attributes: map{category: str, created_at: str(date-time), date_last_used: str(date-time)?, key: str, last4: str, modified_at: str(date-time), name: str, remote_config_read_enabled: bool}, id: str, relationships: map{created_by: map{data: map}, modified_by: map?{data: map?}}, type: str}, included: [any]} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/api_keys/{api_key_id} @desc Edit an API key @required {api_key_id: str # The ID of the API key., data: map{attributes!: map, id!: str, type!: str} # Object used to update an API key.} @returns(200) {data: map{attributes: map{category: str, created_at: str(date-time), date_last_used: str(date-time)?, key: str, last4: str, modified_at: str(date-time), name: str, remote_config_read_enabled: bool}, id: str, relationships: map{created_by: map{data: map}, modified_by: map?{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/apicatalog/api @desc List APIs @optional {query: str # Filter APIs by name, page[limit]: int(int64)=20 # Number of items per page., page[offset]: int(int64)=0 # Offset for pagination.} @returns(200) {data: [map], meta: map{pagination: map{limit: int(int64), offset: int(int64), total_count: int(int64)}}} # OK @errors {400: Bad request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/apicatalog/api/{id} @desc Delete an API @required {id: str(uuid) # ID of the API to delete} @returns(204) API deleted successfully @errors {400: Bad request, 403: Forbidden, 404: API not found error, 429: Too many requests} @endpoint GET /api/v2/apicatalog/api/{id}/openapi @desc Get an API @required {id: str(uuid) # ID of the API to retrieve} @returns(200) OK @errors {400: Bad request, 403: Forbidden, 404: API not found error, 429: Too many requests} @endpoint PUT /api/v2/apicatalog/api/{id}/openapi @desc Update an API @required {id: str(uuid) # ID of the API to modify} @returns(200) {data: map{attributes: map{failed_endpoints: [map]}, id: str(uuid)}} # API updated successfully @errors {400: Bad request, 403: Forbidden, 404: API not found error, 429: Too many requests} @endpoint POST /api/v2/apicatalog/openapi @desc Create a new API @returns(201) {data: map{attributes: map{failed_endpoints: [map]}, id: str(uuid)}} # API created successfully @errors {400: Bad request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/apm/config/metrics @desc Get all span-based metrics @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/apm/config/metrics @desc Create a span-based metric @required {data: map{attributes!: map, id!: str, type!: str} # The new span-based metric properties.} @returns(200) {data: map{attributes: map{compute: map{aggregation_type: str, include_percentiles: bool, path: str}, filter: map{query: str}, group_by: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/apm/config/metrics/{metric_id} @desc Delete a span-based metric @required {metric_id: str # The name of the span-based metric.} @returns(204) OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/apm/config/metrics/{metric_id} @desc Get a span-based metric @required {metric_id: str # The name of the span-based metric.} @returns(200) {data: map{attributes: map{compute: map{aggregation_type: str, include_percentiles: bool, path: str}, filter: map{query: str}, group_by: [map]}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/apm/config/metrics/{metric_id} @desc Update a span-based metric @required {metric_id: str # The name of the span-based metric., data: map{attributes!: map, type!: str} # The new span-based metric properties.} @returns(200) {data: map{attributes: map{compute: map{aggregation_type: str, include_percentiles: bool, path: str}, filter: map{query: str}, group_by: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/apm/config/retention-filters @desc List all APM retention filters @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/apm/config/retention-filters @desc Create a retention filter @required {data: map{attributes!: map, type!: str} # The body of the retention filter to be created.} @returns(200) {data: map{attributes: map{created_at: int(int64), created_by: str, editable: bool, enabled: bool, execution_order: int(int64), filter: map{query: str}, filter_type: str, modified_at: int(int64), modified_by: str, name: str, rate: num(double), trace_rate: num(double)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint PUT /api/v2/apm/config/retention-filters-execution-order @desc Re-order retention filters @required {data: [map{id!: str, type!: str}] # A list of retention filters objects.} @returns(200) OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint DELETE /api/v2/apm/config/retention-filters/{filter_id} @desc Delete a retention filter @required {filter_id: str # The ID of the retention filter.} @returns(200) OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/apm/config/retention-filters/{filter_id} @desc Get a given APM retention filter @required {filter_id: str # The ID of the retention filter.} @returns(200) {data: map{attributes: map{created_at: int(int64), created_by: str, editable: bool, enabled: bool, execution_order: int(int64), filter: map{query: str}, filter_type: str, modified_at: int(int64), modified_by: str, name: str, rate: num(double), trace_rate: num(double)}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/apm/config/retention-filters/{filter_id} @desc Update a retention filter @required {filter_id: str # The ID of the retention filter., data: map{attributes!: map, id!: str, type!: str} # The body of the retention filter to be updated.} @returns(200) {data: map{attributes: map{created_at: int(int64), created_by: str, editable: bool, enabled: bool, execution_order: int(int64), filter: map{query: str}, filter_type: str, modified_at: int(int64), modified_by: str, name: str, rate: num(double), trace_rate: num(double)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/apm/services @desc Get service list @required {filter[env]: str # Filter services by environment. Can be set to `*` to return all services across all environments.} @returns(200) {data: map{attributes: map{metadata: [map], services: [str]}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint DELETE /api/v2/app-builder/apps @desc Delete Multiple Apps @optional {data: [map{id!: str(uuid), type!: str}] # An array of objects containing the IDs of the apps to delete.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/app-builder/apps @desc List Apps @optional {limit: int(int64) # The number of apps to return per page., page: int(int64) # The page number to return., filter[user_name]: str # Filter apps by the app creator. Usually the user's email., filter[user_uuid]: str(uuid) # Filter apps by the app creator's UUID., filter[name]: str # Filter by app name., filter[query]: str # Filter apps by the app name or the app creator., filter[deployed]: bool # Filter apps by whether they are published., filter[tags]: str # Filter apps by tags., filter[favorite]: bool # Filter apps by whether you have added them to your favorites., filter[self_service]: bool # Filter apps by whether they are enabled for self-service., sort: [str] # The fields and direction to sort apps by.} @returns(200) {data: [map], included: [map], meta: map{page: map{totalCount: int(int64), totalFilteredCount: int(int64)}}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/app-builder/apps @desc Create App @optional {data: map{attributes: map, type!: str} # The data object containing the app definition.} @returns(201) {data: map{id: str(uuid), type: str}} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/app-builder/apps/{app_id} @desc Delete App @required {app_id: str(uuid) # The ID of the app to delete.} @returns(200) {data: map{id: str(uuid), type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 410: Gone, 429: Too many requests} @endpoint GET /api/v2/app-builder/apps/{app_id} @desc Get App @required {app_id: str(uuid) # The ID of the app to retrieve.} @optional {version: str # The version number of the app to retrieve. If not specified, the latest version is returned. Version numbers start at 1 and increment with each update. The special values `latest` and `deployed` can be used to retrieve the latest version or the published version, respectively.} @returns(200) {data: map{attributes: map{components: [map], description: str, favorite: bool, name: str, queries: [any], rootInstanceName: str, tags: [str]}, id: str(uuid), type: str}, included: [map], meta: map{created_at: str(date-time), deleted_at: str(date-time), org_id: int(int64), updated_at: str(date-time), updated_since_deployment: bool, user_id: int(int64), user_name: str, user_uuid: str(uuid), version: int(int64)}, relationship: map{connections: [map], deployment: map{data: map{id: str(uuid), type: str}, meta: map{created_at: str(date-time), user_id: int(int64), user_name: str, user_uuid: str(uuid)}}}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 410: Gone, 429: Too many requests} @endpoint PATCH /api/v2/app-builder/apps/{app_id} @desc Update App @required {app_id: str(uuid) # The ID of the app to update.} @optional {data: map{attributes: map, id: str(uuid), type!: str} # The data object containing the new app definition. Any fields not included in the request remain unchanged.} @returns(200) {data: map{attributes: map{components: [map], description: str, favorite: bool, name: str, queries: [any], rootInstanceName: str, tags: [str]}, id: str(uuid), type: str}, included: [map], meta: map{created_at: str(date-time), deleted_at: str(date-time), org_id: int(int64), updated_at: str(date-time), updated_since_deployment: bool, user_id: int(int64), user_name: str, user_uuid: str(uuid), version: int(int64)}, relationship: map{connections: [map], deployment: map{data: map{id: str(uuid), type: str}, meta: map{created_at: str(date-time), user_id: int(int64), user_name: str, user_uuid: str(uuid)}}}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/app-builder/apps/{app_id}/deployment @desc Unpublish App @required {app_id: str(uuid) # The ID of the app to unpublish.} @returns(200) {data: map{attributes: map{app_version_id: str(uuid)}, id: str(uuid), meta: map{created_at: str(date-time), user_id: int(int64), user_name: str, user_uuid: str(uuid)}, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/app-builder/apps/{app_id}/deployment @desc Publish App @required {app_id: str(uuid) # The ID of the app to publish.} @returns(201) {data: map{attributes: map{app_version_id: str(uuid)}, id: str(uuid), meta: map{created_at: str(date-time), user_id: int(int64), user_name: str, user_uuid: str(uuid)}, type: str}} # Created @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/application_keys @desc Get all application keys @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort: str # Application key attribute used to sort results. Sort order is ascending by default. In order to specify a descending sort, prefix the attribute with a minus sign., filter: str # Filter application keys by the specified string., filter[created_at][start]: str # Only include application keys created on or after the specified date., filter[created_at][end]: str # Only include application keys created on or before the specified date., include: str # Resource path for related resources to include in the response. Only `owned_by` is supported.} @returns(200) {data: [map], included: [any], meta: map{max_allowed_per_user: int(int64), page: map{total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/application_keys/{app_key_id} @desc Delete an application key @required {app_key_id: str # The ID of the application key.} @returns(204) No Content @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/application_keys/{app_key_id} @desc Get an application key @required {app_key_id: str # The ID of the application key.} @optional {include: str # Resource path for related resources to include in the response. Only `owned_by` is supported.} @returns(200) {data: map{attributes: map{created_at: str(date-time), key: str, last4: str, last_used_at: str(date-time)?, name: str, scopes: [str]?}, id: str, relationships: map{owned_by: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/application_keys/{app_key_id} @desc Edit an application key @required {app_key_id: str # The ID of the application key., data: map{attributes!: map, id!: str, type!: str} # Object used to update an application key.} @returns(200) {data: map{attributes: map{created_at: str(date-time), key: str, last4: str, last_used_at: str(date-time)?, name: str, scopes: [str]?}, id: str, relationships: map{owned_by: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/audit/events @desc Get a list of Audit Logs events @optional {filter[query]: str # Search query following Audit Logs syntax., filter[from]: str(date-time) # Minimum timestamp for requested events., filter[to]: str(date-time) # Maximum timestamp for requested events., sort: str # Order of events in results., page[cursor]: str # List following results with a cursor provided in the previous query., page[limit]: int(int32)=10 # Maximum number of events in the response.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/audit/events/search @desc Search Audit Logs events @optional {filter: map{from: str, query: str, to: str} # Search and filter query settings., options: map{time_offset: int(int64), timezone: str} # Global query options that are used during the query. Note: Specify either timezone or time offset, not both. Otherwise, the query fails., page: map{cursor: str, limit: int(int32)} # Paging attributes for listing events., sort: str(timestamp/-timestamp) # Sort parameters when querying events.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/authn_mappings @desc List all AuthN Mappings @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort: str # Sort AuthN Mappings depending on the given field., filter: str # Filter all mappings by the given string., resource_type: str # Filter by mapping resource type. Defaults to "role" if not specified.} @returns(200) {data: [map], included: [any], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {403: Authentication Error, 429: Too many requests} @endpoint POST /api/v2/authn_mappings @desc Create an AuthN Mapping @required {data: map{attributes: map, relationships: any, type!: str} # Data for creating an AuthN Mapping.} @returns(200) {data: map{attributes: map{attribute_key: str, attribute_value: str, created_at: str(date-time), modified_at: str(date-time), saml_assertion_attribute_id: str}, id: str, relationships: map{role: map{data: map}, saml_assertion_attribute: map{data: map}, team: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Authentication Error, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/authn_mappings/{authn_mapping_id} @desc Delete an AuthN Mapping @required {authn_mapping_id: str # The UUID of the AuthN Mapping.} @returns(204) OK @errors {403: Authentication Error, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/authn_mappings/{authn_mapping_id} @desc Get an AuthN Mapping by UUID @required {authn_mapping_id: str # The UUID of the AuthN Mapping.} @returns(200) {data: map{attributes: map{attribute_key: str, attribute_value: str, created_at: str(date-time), modified_at: str(date-time), saml_assertion_attribute_id: str}, id: str, relationships: map{role: map{data: map}, saml_assertion_attribute: map{data: map}, team: map{data: map}}, type: str}, included: [any]} # OK @errors {403: Authentication Error, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/authn_mappings/{authn_mapping_id} @desc Edit an AuthN Mapping @required {authn_mapping_id: str # The UUID of the AuthN Mapping., data: map{attributes: map, id!: str, relationships: any, type!: str} # Data for updating an AuthN Mapping.} @returns(200) {data: map{attributes: map{attribute_key: str, attribute_value: str, created_at: str(date-time), modified_at: str(date-time), saml_assertion_attribute_id: str}, id: str, relationships: map{role: map{data: map}, saml_assertion_attribute: map{data: map}, team: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Authentication Error, 404: Not Found, 409: Conflict, 422: Unprocessable Entity, 429: Too many requests} @endpoint GET /api/v2/cases @desc Search cases @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort[field]: str # Specify which field to sort, filter: str # Search query, sort[asc]: bool=false # Specify if order is ascending or not} @returns(200) {data: [map], meta: map{page: map{current: int(int64), size: int(int64), total: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases @desc Create a case @required {data: map{attributes!: map, relationships: map, type!: str} # Case creation data} @returns(201) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cases/projects @desc Get all projects @returns(200) {data: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/projects @desc Create a project @required {data: map{attributes!: map, type!: str} # Project create.} @returns(201) {data: map{attributes: map{columns_config: map{columns: [map]}, enabled_custom_case_types: [str], key: str, name: str, restricted: bool, settings: map{auto_close_inactive_cases: map, auto_transition_assigned_cases: map, integration_incident: map, integration_jira: map, integration_monitor: map, integration_on_call: map, integration_service_now: map, notification: map}}, id: str, relationships: map{member_team: map{data: [map], links: map}, member_user: map{data: [map]}}, type: str}} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/cases/projects/{project_id} @desc Remove a project @required {project_id: str # Project UUID.} @returns(204) No Content @errors {403: Forbidden, 404: API error response, 429: Too many requests} @endpoint GET /api/v2/cases/projects/{project_id} @desc Get the details of a project @required {project_id: str # Project UUID.} @returns(200) {data: map{attributes: map{columns_config: map{columns: [map]}, enabled_custom_case_types: [str], key: str, name: str, restricted: bool, settings: map{auto_close_inactive_cases: map, auto_transition_assigned_cases: map, integration_incident: map, integration_jira: map, integration_monitor: map, integration_on_call: map, integration_service_now: map, notification: map}}, id: str, relationships: map{member_team: map{data: [map], links: map}, member_user: map{data: [map]}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/cases/projects/{project_id} @desc Update a project @required {project_id: str # Project UUID., data: map{attributes: map, type!: str} # Project update.} @returns(200) {data: map{attributes: map{columns_config: map{columns: [map]}, enabled_custom_case_types: [str], key: str, name: str, restricted: bool, settings: map{auto_close_inactive_cases: map, auto_transition_assigned_cases: map, integration_incident: map, integration_jira: map, integration_monitor: map, integration_on_call: map, integration_service_now: map, notification: map}}, id: str, relationships: map{member_team: map{data: [map], links: map}, member_user: map{data: [map]}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cases/projects/{project_id}/notification_rules @desc Get notification rules @required {project_id: str # Project UUID} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/projects/{project_id}/notification_rules @desc Create a notification rule @required {project_id: str # Project UUID, data: map{attributes!: map, type!: str} # Notification rule create} @returns(201) {data: map{attributes: map{is_enabled: bool, query: str, recipients: [map], triggers: [map]}, id: str, type: str}} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/cases/projects/{project_id}/notification_rules/{notification_rule_id} @desc Delete a notification rule @required {project_id: str # Project UUID, notification_rule_id: str # Notification Rule UUID} @returns(204) No Content @errors {403: Forbidden, 404: API error response, 429: Too many requests} @endpoint PUT /api/v2/cases/projects/{project_id}/notification_rules/{notification_rule_id} @desc Update a notification rule @required {project_id: str # Project UUID, notification_rule_id: str # Notification Rule UUID, data: map{attributes: map, type!: str} # Notification rule update} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cases/types @desc Get all case types @returns(200) {data: [map]} # OK @errors {401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/cases/types @desc Create a case type @required {data: map{attributes!: map, type!: str} # Case type} @returns(201) {data: map{attributes: map{deleted_at: str(date-time)?, description: str, emoji: str, name: str}, id: str, type: str}} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/cases/types/custom_attributes @desc Get all custom attributes @returns(200) {data: [map]} # OK @errors {401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/cases/types/{case_type_id} @desc Delete a case type @required {case_type_id: str # Case type's UUID} @returns(204) No Content @errors {401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/cases/types/{case_type_id}/custom_attributes @desc Get all custom attributes config of case type @required {case_type_id: str # Case type's UUID} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/cases/types/{case_type_id}/custom_attributes @desc Create custom attribute config for a case type @required {case_type_id: str # Case type's UUID, data: map{attributes!: map, type!: str} # Custom attribute config} @returns(201) {data: map{attributes: map{case_type_id: str, description: str, display_name: str, is_multi: bool, key: str, type: str}, id: str, type: str}} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/cases/types/{case_type_id}/custom_attributes/{custom_attribute_id} @desc Delete custom attributes config @required {case_type_id: str # Case type's UUID, custom_attribute_id: str # Case Custom attribute's UUID} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/cases/{case_id} @desc Get the details of a case @required {case_id: str # Case's UUID or key} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/archive @desc Archive case @required {case_id: str # Case's UUID or key, data: map{type!: str} # Case empty request data} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/assign @desc Assign case @required {case_id: str # Case's UUID or key, data: map{attributes!: map, type!: str} # Case assign} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/attributes @desc Update case attributes @required {case_id: str # Case's UUID or key, data: map{attributes!: map, type!: str} # Case update attributes} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/comment @desc Comment case @required {case_id: str # Case's UUID or key, data: map{attributes!: map, type!: str} # Case comment} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/cases/{case_id}/comment/{cell_id} @desc Delete case comment @required {case_id: str # Case's UUID or key, cell_id: str # Timeline cell's UUID} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/cases/{case_id}/custom_attributes/{custom_attribute_key} @desc Delete custom attribute from case @required {case_id: str # Case's UUID or key, custom_attribute_key: str # Case Custom attribute's key} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/custom_attributes/{custom_attribute_key} @desc Update case custom attribute @required {case_id: str # Case's UUID or key, custom_attribute_key: str # Case Custom attribute's key, data: map{attributes!: map, type!: str} # Case update custom attribute} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/description @desc Update case description @required {case_id: str # Case's UUID or key, data: map{attributes!: map, type!: str} # Case update description} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/priority @desc Update case priority @required {case_id: str # Case's UUID or key, data: map{attributes!: map, type!: str} # Case priority status} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/relationships/incidents @desc Link incident to case @required {case_id: str # Case's UUID or key, data: map{id!: str, type!: str} # Incident relationship data} @returns(201) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/cases/{case_id}/relationships/jira_issues @desc Remove Jira issue link from case @required {case_id: str # Case's UUID or key} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/cases/{case_id}/relationships/jira_issues @desc Link existing Jira issue to case @required {case_id: str # Case's UUID or key, data: map{attributes!: map, type!: str} # Jira issue link data} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/relationships/jira_issues @desc Create Jira issue for case @required {case_id: str # Case's UUID or key, data: map{attributes!: map, type!: str} # Jira issue creation data} @returns(202) Accepted @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/relationships/notebook @desc Create investigation notebook for case @required {case_id: str # Case's UUID or key, data: map{type!: str} # Notebook creation data} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/cases/{case_id}/relationships/project @desc Update case project @required {case_id: str # Case's UUID or key, data: map{id!: str, type!: str} # Relationship to project object.} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/relationships/servicenow_tickets @desc Create ServiceNow ticket for case @required {case_id: str # Case's UUID or key, data: map{attributes!: map, type!: str} # ServiceNow ticket creation data} @returns(202) Accepted @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/status @desc Update case status @required {case_id: str # Case's UUID or key, data: map{attributes!: map, type!: str} # Case update status} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/title @desc Update case title @required {case_id: str # Case's UUID or key, data: map{attributes!: map, type!: str} # Case update title} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/unarchive @desc Unarchive case @required {case_id: str # Case's UUID or key, data: map{type!: str} # Case empty request data} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cases/{case_id}/unassign @desc Unassign case @required {case_id: str # Case's UUID or key, data: map{type!: str} # Case empty request data} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, closed_at: str(date-time)?, created_at: str(date-time), custom_attributes: map, description: str, jira_issue: map?{result: map, status: str}, key: str, modified_at: str(date-time)?, priority: str, service_now_ticket: map?{result: map, status: str}, status: str, status_group: str, status_name: str, title: str, type: str, type_id: str}, id: str, relationships: map{assignee: map?{data: map?}, created_by: map?{data: map?}, modified_by: map?{data: map?}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/catalog/entity @desc Get a list of entities @optional {page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page., page[limit]: int(int64)=100 # Maximum number of entities in the response., filter[id]: str # Filter entities by UUID., filter[ref]: str # Filter entities by reference, filter[name]: str # Filter entities by name., filter[kind]: str # Filter entities by kind., filter[owner]: str # Filter entities by owner., filter[relation][type]: str # Filter entities by relation type., filter[exclude_snapshot]: str # Filter entities by excluding snapshotted entities., include: str # Include relationship data., includeDiscovered: bool=false # If true, includes discovered services from APM and USM that do not have entity definitions.} @returns(200) {data: [map], included: [any], links: map{next: str, previous: str, self: str}, meta: map{count: int(int64), includeCount: int(int64)}} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/catalog/entity @desc Create or update entities @returns(202) {data: [map], included: [any], meta: map{count: int(int64), includeCount: int(int64)}} # ACCEPTED @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/catalog/entity/preview @desc Preview catalog entities @returns(202) {data: [map]} # Accepted @errors {429: Too many requests} @endpoint DELETE /api/v2/catalog/entity/{entity_id} @desc Delete a single entity @required {entity_id: str # UUID or Entity Ref.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/catalog/kind @desc Get a list of entity kinds @optional {page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page., page[limit]: int(int64)=100 # Maximum number of kinds in the response., filter[id]: str # Filter entities by UUID., filter[name]: str # Filter entities by name.} @returns(200) {data: [map], meta: map{count: int(int64)}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/catalog/kind @desc Create or update kinds @returns(202) {data: [map], meta: map{count: int(int64)}} # ACCEPTED @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/catalog/kind/{kind_id} @desc Delete a single kind @required {kind_id: str # Entity kind.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/catalog/relation @desc Get a list of entity relations @optional {page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page., page[limit]: int(int64)=100 # Maximum number of relations in the response., filter[type]: str # Filter relations by type., filter[from_ref]: str # Filter relations by the reference of the first entity in the relation., filter[to_ref]: str # Filter relations by the reference of the second entity in the relation., include: str # Include relationship data., includeDiscovered: bool=false # If true, includes relationships discovered by APM and USM.} @returns(200) {data: [map], included: [map], links: map{next: str, previous: str, self: str}, meta: map{count: int(int64), includeCount: int(int64)}} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/change-management/change-request @desc Create a change request @required {data: map{attributes!: map, type!: str} # Data object to create a change request.} @returns(201) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, change_request_linked_incident_uuid: str, change_request_maintenance_window_query: str, change_request_plan: str, change_request_risk: str, change_request_type: str, closed_at: str(date-time)?, created_at: str(date-time), creation_source: str, description: str, end_date: str(date-time), key: str, modified_at: str(date-time), plan_notebook_id: int(int64), priority: str, project_id: str, start_date: str(date-time), status: str, title: str, type: str}, id: str, relationships: map{change_request_decisions: map{data: [map]}, created_by: map{data: map?}, modified_by: map{data: map?}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/change-management/change-request/{change_request_id} @desc Get a change request @required {change_request_id: str # The identifier of the change request.} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, change_request_linked_incident_uuid: str, change_request_maintenance_window_query: str, change_request_plan: str, change_request_risk: str, change_request_type: str, closed_at: str(date-time)?, created_at: str(date-time), creation_source: str, description: str, end_date: str(date-time), key: str, modified_at: str(date-time), plan_notebook_id: int(int64), priority: str, project_id: str, start_date: str(date-time), status: str, title: str, type: str}, id: str, relationships: map{change_request_decisions: map{data: [map]}, created_by: map{data: map?}, modified_by: map{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/change-management/change-request/{change_request_id} @desc Update a change request @required {change_request_id: str # The identifier of the change request., data: map{attributes: map, relationships: map, type!: str} # Data object to update a change request.} @optional {included: [map{attributes: map, id!: str, relationships: map, type!: str}] # Included resources for the change request update.} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, change_request_linked_incident_uuid: str, change_request_maintenance_window_query: str, change_request_plan: str, change_request_risk: str, change_request_type: str, closed_at: str(date-time)?, created_at: str(date-time), creation_source: str, description: str, end_date: str(date-time), key: str, modified_at: str(date-time), plan_notebook_id: int(int64), priority: str, project_id: str, start_date: str(date-time), status: str, title: str, type: str}, id: str, relationships: map{change_request_decisions: map{data: [map]}, created_by: map{data: map?}, modified_by: map{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/change-management/change-request/{change_request_id}/branch @desc Create a change request branch @required {change_request_id: str # The identifier of the change request., data: map{attributes!: map, type!: str} # Data object to create a change request branch.} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, change_request_linked_incident_uuid: str, change_request_maintenance_window_query: str, change_request_plan: str, change_request_risk: str, change_request_type: str, closed_at: str(date-time)?, created_at: str(date-time), creation_source: str, description: str, end_date: str(date-time), key: str, modified_at: str(date-time), plan_notebook_id: int(int64), priority: str, project_id: str, start_date: str(date-time), status: str, title: str, type: str}, id: str, relationships: map{change_request_decisions: map{data: [map]}, created_by: map{data: map?}, modified_by: map{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/change-management/change-request/{change_request_id}/decisions/{decision_id} @desc Delete a change request decision @required {change_request_id: str # The identifier of the change request., decision_id: str # The identifier of the change request decision.} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, change_request_linked_incident_uuid: str, change_request_maintenance_window_query: str, change_request_plan: str, change_request_risk: str, change_request_type: str, closed_at: str(date-time)?, created_at: str(date-time), creation_source: str, description: str, end_date: str(date-time), key: str, modified_at: str(date-time), plan_notebook_id: int(int64), priority: str, project_id: str, start_date: str(date-time), status: str, title: str, type: str}, id: str, relationships: map{change_request_decisions: map{data: [map]}, created_by: map{data: map?}, modified_by: map{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/change-management/change-request/{change_request_id}/decisions/{decision_id} @desc Update a change request decision @required {change_request_id: str # The identifier of the change request., decision_id: str # The identifier of the change request decision., data: map{attributes: map, relationships: map, type!: str} # Data object to update a change request decision.} @optional {included: [map{attributes: map, id!: str, relationships: map, type!: str}] # Included resources for the change request update.} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, attributes: map, change_request_linked_incident_uuid: str, change_request_maintenance_window_query: str, change_request_plan: str, change_request_risk: str, change_request_type: str, closed_at: str(date-time)?, created_at: str(date-time), creation_source: str, description: str, end_date: str(date-time), key: str, modified_at: str(date-time), plan_notebook_id: int(int64), priority: str, project_id: str, start_date: str(date-time), status: str, title: str, type: str}, id: str, relationships: map{change_request_decisions: map{data: [map]}, created_by: map{data: map?}, modified_by: map{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/ci/pipeline @desc Send pipeline event @optional {data: any # Data of the pipeline events to create.} @returns(202) Request accepted for processing @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 408: Request Timeout, 413: Payload Too Large, 429: Too Many Requests, 500: Internal Server Error, 503: Service Unavailable} @endpoint POST /api/v2/ci/pipelines/analytics/aggregate @desc Aggregate pipelines events @optional {compute: [map{aggregation!: str, interval: str, metric: str, type: str}] # The list of metrics or timeseries to compute for the retrieved buckets., filter: map{from: str, query: str, to: str} # The search and filter query settings., group_by: [map{facet!: str, histogram: map, limit: int(int64), missing: any, sort: map, total: any}] # The rules for the group-by., options: map{time_offset: int(int64), timezone: str} # Global query options that are used during the query. Only supply timezone or time offset, not both. Otherwise, the query fails.} @returns(200) {data: map{buckets: [map]}, links: map{next: str}, meta: map{elapsed: int(int64), request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/ci/pipelines/events @desc Get a list of pipelines events @optional {filter[query]: str # Search query following log syntax., filter[from]: str(date-time) # Minimum timestamp for requested events., filter[to]: str(date-time) # Maximum timestamp for requested events., sort: str # Order of events in results., page[cursor]: str # List following results with a cursor provided in the previous query., page[limit]: int(int32)=10 # Maximum number of events in the response.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/ci/pipelines/events/search @desc Search pipelines events @optional {filter: map{from: str, query: str, to: str} # The search and filter query settings., options: map{time_offset: int(int64), timezone: str} # Global query options that are used during the query. Only supply timezone or time offset, not both. Otherwise, the query fails., page: map{cursor: str, limit: int(int32)} # Paging attributes for listing events., sort: str(timestamp/-timestamp) # Sort parameters when querying events.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint DELETE /api/v2/ci/test-optimization/settings/service @desc Delete Test Optimization service settings @required {data: map{attributes!: map, type!: str} # Data object for delete service settings request.} @returns(204) No Content @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/ci/test-optimization/settings/service @desc Update Test Optimization service settings @required {data: map{attributes!: map, type!: str} # Data object for update service settings request.} @returns(200) {data: map{attributes: map{auto_test_retries_enabled: bool, code_coverage_enabled: bool, early_flake_detection_enabled: bool, env: str, failed_test_replay_enabled: bool, pr_comments_enabled: bool, repository_id: str, service_name: str, test_impact_analysis_enabled: bool}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/ci/test-optimization/settings/service @desc Get Test Optimization service settings @required {data: map{attributes!: map, type!: str} # Data object for get service settings request.} @returns(200) {data: map{attributes: map{auto_test_retries_enabled: bool, code_coverage_enabled: bool, early_flake_detection_enabled: bool, env: str, failed_test_replay_enabled: bool, pr_comments_enabled: bool, repository_id: str, service_name: str, test_impact_analysis_enabled: bool}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/ci/tests/analytics/aggregate @desc Aggregate tests events @optional {compute: [map{aggregation!: str, interval: str, metric: str, type: str}] # The list of metrics or timeseries to compute for the retrieved buckets., filter: map{from: str, query: str, to: str} # The search and filter query settings., group_by: [map{facet!: str, histogram: map, limit: int(int64), missing: any, sort: map, total: any}] # The rules for the group-by., options: map{time_offset: int(int64), timezone: str} # Global query options that are used during the query. Only supply timezone or time offset, not both. Otherwise, the query fails.} @returns(200) {data: map{buckets: [map]}, links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/ci/tests/events @desc Get a list of tests events @optional {filter[query]: str # Search query following log syntax., filter[from]: str(date-time) # Minimum timestamp for requested events., filter[to]: str(date-time) # Maximum timestamp for requested events., sort: str # Order of events in results., page[cursor]: str # List following results with a cursor provided in the previous query., page[limit]: int(int32)=10 # Maximum number of events in the response.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/ci/tests/events/search @desc Search tests events @optional {filter: map{from: str, query: str, to: str} # The search and filter query settings., options: map{time_offset: int(int64), timezone: str} # Global query options that are used during the query. Only supply timezone or time offset, not both. Otherwise, the query fails., page: map{cursor: str, limit: int(int32)} # Paging attributes for listing events., sort: str(timestamp/-timestamp) # Sort parameters when querying events.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/cloud_auth/aws/persona_mapping @desc List AWS cloud authentication persona mappings @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/cloud_auth/aws/persona_mapping @desc Create an AWS cloud authentication persona mapping @required {data: map{attributes!: map, type!: str} # Data for creating an AWS cloud authentication persona mapping} @returns(201) {data: map{attributes: map{account_identifier: str, account_uuid: str, arn_pattern: str}, id: str, type: str}} # Created @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/cloud_auth/aws/persona_mapping/{persona_mapping_id} @desc Delete an AWS cloud authentication persona mapping @required {persona_mapping_id: str # The ID of the persona mapping} @returns(204) No Content @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cloud_auth/aws/persona_mapping/{persona_mapping_id} @desc Get an AWS cloud authentication persona mapping @required {persona_mapping_id: str # The ID of the persona mapping} @returns(200) {data: map{attributes: map{account_identifier: str, account_uuid: str, arn_pattern: str}, id: str, type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cloud_security_management/custom_frameworks @desc Create a custom framework @required {data: map{attributes!: map, type!: str} # Contains type and attributes for custom frameworks.} @returns(200) {data: map{attributes: map{handle: str, version: str}, id: str, type: str}} # OK @errors {400: Bad Request, 409: Conflict, 429: Too many requests, 500: Bad Request} @endpoint DELETE /api/v2/cloud_security_management/custom_frameworks/{handle}/{version} @desc Delete a custom framework @required {handle: str # The framework handle, version: str # The framework version} @returns(200) {data: map{attributes: map{description: str, handle: str, icon_url: str, name: str, version: str}, id: str, type: str}} # OK @errors {400: Bad Request, 429: Too many requests, 500: Bad Request} @endpoint GET /api/v2/cloud_security_management/custom_frameworks/{handle}/{version} @desc Get a custom framework @required {handle: str # The framework handle, version: str # The framework version} @returns(200) {data: map{attributes: map{handle: str, icon_url: str, name: str, requirements: [map], version: str}, id: str, type: str}} # OK @errors {400: Bad Request, 429: Too many requests, 500: Bad Request} @endpoint PUT /api/v2/cloud_security_management/custom_frameworks/{handle}/{version} @desc Update a custom framework @required {handle: str # The framework handle, version: str # The framework version, data: map{attributes!: map, type!: str} # Contains type and attributes for custom frameworks.} @returns(200) {data: map{attributes: map{handle: str, version: str}, id: str, type: str}} # OK @errors {400: Bad Request, 429: Too many requests, 500: Bad Request} @endpoint GET /api/v2/cloud_security_management/resource_filters @desc List resource filters @optional {cloud_provider: str # Filter resource filters by cloud provider (e.g. aws, gcp, azure)., account_id: str # Filter resource filters by cloud provider account ID. This parameter is only valid when provider is specified., skip_cache: bool # Skip cache for resource filters.} @returns(200) {data: map{attributes: map{cloud_provider: map, uuid: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint PUT /api/v2/cloud_security_management/resource_filters @desc Update resource filters @required {data: map{attributes!: map, id: str, type!: str} # The definition of `UpdateResourceFilterRequestData` object.} @returns(201) {data: map{attributes: map{cloud_provider: map, uuid: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/code-coverage/branch/summary @desc Get code coverage summary for a branch @required {data: map{attributes!: map, type!: str} # Data object for branch summary request.} @returns(200) {data: map{attributes: map{codeowners: map?, evaluated_flags_count: int(int64), evaluated_reports_count: int(int64), patch_coverage: num(double)?, services: map?, total_coverage: num(double)?}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests, 500: Internal server error} @endpoint POST /api/v2/code-coverage/commit/summary @desc Get code coverage summary for a commit @required {data: map{attributes!: map, type!: str} # Data object for commit summary request.} @returns(200) {data: map{attributes: map{codeowners: map?, evaluated_flags_count: int(int64), evaluated_reports_count: int(int64), patch_coverage: num(double)?, services: map?, total_coverage: num(double)?}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests, 500: Internal server error} @endpoint GET /api/v2/container_images @desc Get all Container Images @optional {filter[tags]: str # Comma-separated list of tags to filter Container Images by., group_by: str # Comma-separated list of tags to group Container Images by., sort: str # Attribute to sort Container Images by., page[size]: int(int32)=1000 # Maximum number of results returned., page[cursor]: str # String to query the next page of results. This key is provided with each valid response from the API in `meta.pagination.next_cursor`.} @returns(200) {data: [any], links: map{first: str, last: str?, next: str?, prev: str?, self: str}, meta: map{pagination: map{cursor: str, limit: int(int32), next_cursor: str, prev_cursor: str?, total: int(int64), type: str}}} # OK @errors {400: Bad Request, 403: Authentication Error, 429: Too many requests} @endpoint GET /api/v2/containers @desc Get All Containers @optional {filter[tags]: str # Comma-separated list of tags to filter containers by., group_by: str # Comma-separated list of tags to group containers by., sort: str # Attribute to sort containers by., page[size]: int(int32)=1000 # Maximum number of results returned., page[cursor]: str # String to query the next page of results. This key is provided with each valid response from the API in `meta.pagination.next_cursor`.} @returns(200) {data: [any], links: map{first: str, last: str?, next: str?, prev: str?, self: str}, meta: map{pagination: map{cursor: str, limit: int(int32), next_cursor: str, prev_cursor: str?, total: int(int64), type: str}}} # OK @errors {400: Bad Request, 403: Authentication Error, 429: Too many requests} @endpoint GET /api/v2/cost/arbitrary_rule @desc List custom allocation rules @returns(200) {data: [map], meta: map{total_count: int(int64)}} # OK @errors {429: Too many requests} @endpoint POST /api/v2/cost/arbitrary_rule @desc Create custom allocation rule @optional {data: map{attributes: map, id: str, type!: str} # The definition of `ArbitraryCostUpsertRequestData` object.} @returns(200) {data: map{attributes: map{costs_to_allocate: [map], created: str(date-time), enabled: bool, last_modified_user_uuid: str, order_id: int(int64), processing_status: str, provider: [str], rejected: bool, rule_name: str, strategy: map{allocated_by: [map], allocated_by_filters: [map], allocated_by_tag_keys: [str], based_on_costs: [map], based_on_timeseries: map, evaluate_grouped_by_filters: [map], evaluate_grouped_by_tag_keys: [str], granularity: str, method: str}, type: str, updated: str(date-time), version: int(int32)}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint POST /api/v2/cost/arbitrary_rule/reorder @desc Reorder custom allocation rules @required {data: [map{id: str, type!: str}] # The `ReorderRuleResourceArray` `data`.} @returns(204) Successfully reordered rules @errors {429: Too many requests} @endpoint DELETE /api/v2/cost/arbitrary_rule/{rule_id} @desc Delete custom allocation rule @required {rule_id: int(int64) # The unique identifier of the custom allocation rule} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/cost/arbitrary_rule/{rule_id} @desc Get custom allocation rule @required {rule_id: int(int64) # The unique identifier of the custom allocation rule} @returns(200) {data: map{attributes: map{costs_to_allocate: [map], created: str(date-time), enabled: bool, last_modified_user_uuid: str, order_id: int(int64), processing_status: str, provider: [str], rejected: bool, rule_name: str, strategy: map{allocated_by: [map], allocated_by_filters: [map], allocated_by_tag_keys: [str], based_on_costs: [map], based_on_timeseries: map, evaluate_grouped_by_filters: [map], evaluate_grouped_by_tag_keys: [str], granularity: str, method: str}, type: str, updated: str(date-time), version: int(int32)}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/cost/arbitrary_rule/{rule_id} @desc Update custom allocation rule @required {rule_id: int(int64) # The unique identifier of the custom allocation rule} @optional {data: map{attributes: map, id: str, type!: str} # The definition of `ArbitraryCostUpsertRequestData` object.} @returns(200) {data: map{attributes: map{costs_to_allocate: [map], created: str(date-time), enabled: bool, last_modified_user_uuid: str, order_id: int(int64), processing_status: str, provider: [str], rejected: bool, rule_name: str, strategy: map{allocated_by: [map], allocated_by_filters: [map], allocated_by_tag_keys: [str], based_on_costs: [map], based_on_timeseries: map, evaluate_grouped_by_filters: [map], evaluate_grouped_by_tag_keys: [str], granularity: str, method: str}, type: str, updated: str(date-time), version: int(int32)}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint GET /api/v2/cost/aws_cur_config @desc List Cloud Cost Management AWS CUR configs @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/cost/aws_cur_config @desc Create Cloud Cost Management AWS CUR config @required {data: map{attributes: map, type!: str} # AWS CUR config Post data.} @returns(200) {data: map{attributes: map{account_filters: map{excluded_accounts: [str], include_new_accounts: bool?, included_accounts: [str]}, account_id: str, bucket_name: str, bucket_region: str, created_at: str, error_messages: [str]?, months: int(int64), report_name: str, report_prefix: str, status: str, status_updated_at: str, updated_at: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/cost/aws_cur_config/{cloud_account_id} @desc Delete Cloud Cost Management AWS CUR config @required {cloud_account_id: int(int64) # Cloud Account id.} @returns(204) No Content @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cost/aws_cur_config/{cloud_account_id} @desc Get cost AWS CUR config @required {cloud_account_id: int(int64) # The unique identifier of the cloud account} @returns(200) {data: map{attributes: map{account_filters: map{excluded_accounts: [str], include_new_accounts: bool?, included_accounts: [str]}, account_id: str, bucket_name: str, bucket_region: str, created_at: str, error_messages: [str]?, months: int(int64), report_name: str, report_prefix: str, status: str, status_updated_at: str, updated_at: str}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/cost/aws_cur_config/{cloud_account_id} @desc Update Cloud Cost Management AWS CUR config @required {cloud_account_id: int(int64) # Cloud Account id., data: map{attributes!: map, type!: str} # AWS CUR config Patch data.} @returns(200) {data: [map]} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cost/azure_uc_config @desc List Cloud Cost Management Azure configs @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/cost/azure_uc_config @desc Create Cloud Cost Management Azure configs @required {data: map{attributes: map, type!: str} # Azure config Post data.} @returns(200) {data: map{attributes: map{configs: [map], id: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/cost/azure_uc_config/{cloud_account_id} @desc Delete Cloud Cost Management Azure config @required {cloud_account_id: int(int64) # Cloud Account id.} @returns(204) No Content @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cost/azure_uc_config/{cloud_account_id} @desc Get cost Azure UC config @required {cloud_account_id: int(int64) # The unique identifier of the cloud account} @returns(200) {data: map{attributes: map{configs: [map]}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/cost/azure_uc_config/{cloud_account_id} @desc Update Cloud Cost Management Azure config @required {cloud_account_id: int(int64) # Cloud Account id., data: map{attributes: map, type!: str} # Azure config Patch data.} @returns(200) {data: map{attributes: map{configs: [map], id: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/cost/budget @desc Create or update a budget @optional {data: map{attributes: map, id: str, type: str} # A budget and all its entries.} @returns(200) {data: map{attributes: map{created_at: int(int64), created_by: str, end_month: int(int64), entries: [map], metrics_query: str, name: str, org_id: int(int64), start_month: int(int64), total_amount: num(double), updated_at: int(int64), updated_by: str}, id: str, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/cost/budget/csv/validate @desc Validate CSV budget @returns(200) {errors: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/cost/budget/validate @desc Validate budget @optional {data: map{attributes: map, id: str, type!: str} # The data object for a budget validation request, containing the resource type, ID, and budget attributes to validate.} @returns(200) {data: map{attributes: map{errors: [str], valid: bool}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint DELETE /api/v2/cost/budget/{budget_id} @desc Delete budget @required {budget_id: str # Budget id.} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/cost/budget/{budget_id} @desc Get budget @required {budget_id: str # Budget id.} @returns(200) {data: map{attributes: map{created_at: int(int64), created_by: str, end_month: int(int64), entries: [map], metrics_query: str, name: str, org_id: int(int64), start_month: int(int64), total_amount: num(double), updated_at: int(int64), updated_by: str}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint GET /api/v2/cost/budgets @desc List budgets @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint GET /api/v2/cost/custom_costs @desc List Custom Costs files @optional {page[number]: int(int64) # Page number for pagination, page[size]: int(int64)=100 # Page size for pagination, filter[status]: str # Filter by file status, sort: str=created_at # Sort key with optional descending prefix} @returns(200) {data: [map], meta: map{total_filtered_count: int(int64), version: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint PUT /api/v2/cost/custom_costs @desc Upload Custom Costs file @returns(202) {data: map{attributes: map{billed_cost: num(double), billing_currency: str, charge_period: map{end: num(double), start: num(double)}, name: str, provider_names: [str], status: str, uploaded_at: num(double), uploaded_by: map{email: str, icon: str, name: str}}, id: str, type: str}, meta: map{version: str}} # Accepted @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/cost/custom_costs/{file_id} @desc Delete Custom Costs file @required {file_id: str # File ID.} @returns(204) No Content @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cost/custom_costs/{file_id} @desc Get Custom Costs file @required {file_id: str # File ID.} @returns(200) {data: map{attributes: map{billed_cost: num(double), billing_currency: str, charge_period: map{end: num(double), start: num(double)}, content: [map], name: str, provider_names: [str], status: str, uploaded_at: num(double), uploaded_by: map{email: str, icon: str, name: str}}, id: str, type: str}, meta: map{version: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cost/gcp_uc_config @desc List Google Cloud Usage Cost configs @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/cost/gcp_uc_config @desc Create Google Cloud Usage Cost config @required {data: map{attributes: map, type!: str} # Google Cloud Usage Cost config post data.} @returns(200) {data: map{attributes: map{account_id: str, bucket_name: str, created_at: str, dataset: str, error_messages: [str]?, export_prefix: str, export_project_name: str, months: int(int32), project_id: str, service_account: str, status: str, status_updated_at: str, updated_at: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/cost/gcp_uc_config/{cloud_account_id} @desc Delete Google Cloud Usage Cost config @required {cloud_account_id: int(int64) # Cloud Account id.} @returns(204) No Content @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cost/gcp_uc_config/{cloud_account_id} @desc Get Google Cloud Usage Cost config @required {cloud_account_id: int(int64) # The unique identifier of the cloud account} @returns(200) {data: map{attributes: map{account_id: str, bucket_name: str, created_at: str, dataset: str, error_messages: [str]?, export_prefix: str, export_project_name: str, months: int(int64), project_id: str, service_account: str, status: str, status_updated_at: str, updated_at: str}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/cost/gcp_uc_config/{cloud_account_id} @desc Update Google Cloud Usage Cost config @required {cloud_account_id: int(int64) # Cloud Account id., data: map{attributes!: map, type!: str} # Google Cloud Usage Cost config patch data.} @returns(200) {data: map{attributes: map{account_id: str, bucket_name: str, created_at: str, dataset: str, error_messages: [str]?, export_prefix: str, export_project_name: str, months: int(int32), project_id: str, service_account: str, status: str, status_updated_at: str, updated_at: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/cost_by_tag/active_billing_dimensions @desc Get active billing dimensions for cost attribution @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/cost_by_tag/monthly_cost_attribution @desc Get Monthly Cost Attribution @required {start_month: str(date-time) # Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost beginning in this month., fields: str # Comma-separated list specifying cost types (e.g., `_on_demand_cost`, `_committed_cost`, `_total_cost`) and the proportions (`_percentage_in_org`, `_percentage_in_account`). Use `*` to retrieve all fields. Example: `infra_host_on_demand_cost,infra_host_percentage_in_account` To obtain the complete list of active billing dimensions that can be used to replace `` in the field names, make a request to the [Get active billing dimensions API](https://docs.datadoghq.com/api/latest/usage-metering/#get-active-billing-dimensions-for-cost-attribution).} @optional {end_month: str(date-time) # Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost ending this month., sort_direction: str # The direction to sort by: `[desc, asc]`., sort_name: str # The billing dimension to sort by. Always sorted by total cost. Example: `infra_host`., tag_breakdown_keys: str # Comma separated list of tag keys used to group cost. If no value is provided the cost will not be broken down by tags. To see which tags are available, look for the value of `tag_config_source` in the API response., next_record_id: str # List following results with a next_record_id provided in the previous query., include_descendants: bool=true # Include child org cost in the response. Defaults to `true`.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/csm/onboarding/agents @desc Get all CSM Agents @optional {page: int(int32) # The page index for pagination (zero-based)., size: int(int32) # The number of items to include in a single page., query: str # A search query string to filter results (for example, `hostname:COMP-T2H4J27423`)., order_direction: str # The sort direction for results. Use `asc` for ascending or `desc` for descending.} @returns(200) {data: [map], meta: map{page_index: int(int64), page_size: int(int64), total_filtered: int(int64)}} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/csm/onboarding/coverage_analysis/cloud_accounts @desc Get the CSM Cloud Accounts Coverage Analysis @returns(200) {data: map{attributes: map{aws_coverage: map{configured_resources_count: int(int64), coverage: num(double), partially_configured_resources_count: int(int64), total_resources_count: int(int64)}, azure_coverage: map{configured_resources_count: int(int64), coverage: num(double), partially_configured_resources_count: int(int64), total_resources_count: int(int64)}, gcp_coverage: map{configured_resources_count: int(int64), coverage: num(double), partially_configured_resources_count: int(int64), total_resources_count: int(int64)}, org_id: int(int64), total_coverage: map{configured_resources_count: int(int64), coverage: num(double), partially_configured_resources_count: int(int64), total_resources_count: int(int64)}}, id: str, type: str}} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/csm/onboarding/coverage_analysis/hosts_and_containers @desc Get the CSM Hosts and Containers Coverage Analysis @returns(200) {data: map{attributes: map{cspm_coverage: map{configured_resources_count: int(int64), coverage: num(double), partially_configured_resources_count: int(int64), total_resources_count: int(int64)}, cws_coverage: map{configured_resources_count: int(int64), coverage: num(double), partially_configured_resources_count: int(int64), total_resources_count: int(int64)}, org_id: int(int64), total_coverage: map{configured_resources_count: int(int64), coverage: num(double), partially_configured_resources_count: int(int64), total_resources_count: int(int64)}, vm_coverage: map{configured_resources_count: int(int64), coverage: num(double), partially_configured_resources_count: int(int64), total_resources_count: int(int64)}}, id: str, type: str}} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/csm/onboarding/coverage_analysis/serverless @desc Get the CSM Serverless Coverage Analysis @returns(200) {data: map{attributes: map{cws_coverage: map{configured_resources_count: int(int64), coverage: num(double), partially_configured_resources_count: int(int64), total_resources_count: int(int64)}, org_id: int(int64), total_coverage: map{configured_resources_count: int(int64), coverage: num(double), partially_configured_resources_count: int(int64), total_resources_count: int(int64)}}, id: str, type: str}} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/csm/onboarding/serverless/agents @desc Get all CSM Serverless Agents @optional {page: int(int32) # The page index for pagination (zero-based)., size: int(int32) # The number of items to include in a single page., query: str # A search query string to filter results (for example, `hostname:COMP-T2H4J27423`)., order_direction: str # The sort direction for results. Use `asc` for ascending or `desc` for descending.} @returns(200) {data: [map], meta: map{page_index: int(int64), page_size: int(int64), total_filtered: int(int64)}} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/current_user/application_keys @desc Get all application keys owned by current user @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort: str # Application key attribute used to sort results. Sort order is ascending by default. In order to specify a descending sort, prefix the attribute with a minus sign., filter: str # Filter application keys by the specified string., filter[created_at][start]: str # Only include application keys created on or after the specified date., filter[created_at][end]: str # Only include application keys created on or before the specified date., include: str # Resource path for related resources to include in the response. Only `owned_by` is supported.} @returns(200) {data: [map], included: [any], meta: map{max_allowed_per_user: int(int64), page: map{total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/current_user/application_keys @desc Create an application key for current user @required {data: map{attributes!: map, type!: str} # Object used to create an application key.} @returns(201) {data: map{attributes: map{created_at: str(date-time), key: str, last4: str, last_used_at: str(date-time)?, name: str, scopes: [str]?}, id: str, relationships: map{owned_by: map{data: map}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/current_user/application_keys/{app_key_id} @desc Delete an application key owned by current user @required {app_key_id: str # The ID of the application key.} @returns(204) No Content @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/current_user/application_keys/{app_key_id} @desc Get one application key owned by current user @required {app_key_id: str # The ID of the application key.} @returns(200) {data: map{attributes: map{created_at: str(date-time), key: str, last4: str, last_used_at: str(date-time)?, name: str, scopes: [str]?}, id: str, relationships: map{owned_by: map{data: map}}, type: str}, included: [any]} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/current_user/application_keys/{app_key_id} @desc Edit an application key owned by current user @required {app_key_id: str # The ID of the application key., data: map{attributes!: map, id!: str, type!: str} # Object used to update an application key.} @returns(200) {data: map{attributes: map{created_at: str(date-time), key: str, last4: str, last_used_at: str(date-time)?, name: str, scopes: [str]?}, id: str, relationships: map{owned_by: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/dashboard/lists/manual/{dashboard_list_id}/dashboards @desc Delete items from a dashboard list @required {dashboard_list_id: int(int64) # ID of the dashboard list to delete items from.} @optional {dashboards: [map{id!: str, type!: str}] # List of dashboards to delete from the dashboard list.} @returns(200) {deleted_dashboards_from_list: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/dashboard/lists/manual/{dashboard_list_id}/dashboards @desc Get items of a Dashboard List @required {dashboard_list_id: int(int64) # ID of the dashboard list to get items from.} @returns(200) {dashboards: [map], total: int(int64)} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/dashboard/lists/manual/{dashboard_list_id}/dashboards @desc Add Items to a Dashboard List @required {dashboard_list_id: int(int64) # ID of the dashboard list to add items to.} @optional {dashboards: [map{id!: str, type!: str}] # List of dashboards to add the dashboard list.} @returns(200) {added_dashboards_to_list: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/dashboard/lists/manual/{dashboard_list_id}/dashboards @desc Update items of a dashboard list @required {dashboard_list_id: int(int64) # ID of the dashboard list to update items from.} @optional {dashboards: [map{id!: str, type!: str}] # List of dashboards to update the dashboard list to.} @returns(200) {dashboards: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/datasets @desc Get all datasets @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/datasets @desc Create a dataset @required {data: map{attributes!: map, type!: str} # **Datasets Object Constraints** - **Tag limit per dataset**: - Each restricted dataset supports a maximum of 10 key:value pairs per product. - **Tag key rules per telemetry type**: - Only one tag key or attribute may be used to define access within a single telemetry type. - The same or different tag key may be used across different telemetry types. - **Tag value uniqueness**: - Tag values must be unique within a single dataset. - A tag value used in one dataset cannot be reused in another dataset of the same telemetry type.} @returns(200) {data: map{attributes: map{created_at: str(date-time)?, created_by: str(uuid), name: str, principals: [str], product_filters: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @example_request {"data":{"attributes":{"name":"Test RUM Dataset","principals":["role:94172442-be03-11e9-a77a-3b7612558ac1"],"product_filters":[{"filters":["@application.id:application_123"],"product":"rum"}]},"type":"dataset"}} @endpoint DELETE /api/v2/datasets/{dataset_id} @desc Delete a dataset @required {dataset_id: str # The ID of a defined dataset.} @returns(204) No Content @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/datasets/{dataset_id} @desc Get a single dataset by ID @required {dataset_id: str # The ID of a defined dataset.} @returns(200) {data: map{attributes: map{created_at: str(date-time)?, created_by: str(uuid), name: str, principals: [str], product_filters: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/datasets/{dataset_id} @desc Edit a dataset @required {dataset_id: str # The ID of a defined dataset., data: map{attributes!: map, type!: str} # **Datasets Object Constraints** - **Tag limit per dataset**: - Each restricted dataset supports a maximum of 10 key:value pairs per product. - **Tag key rules per telemetry type**: - Only one tag key or attribute may be used to define access within a single telemetry type. - The same or different tag key may be used across different telemetry types. - **Tag value uniqueness**: - Tag values must be unique within a single dataset. - A tag value used in one dataset cannot be reused in another dataset of the same telemetry type.} @returns(200) {data: map{attributes: map{created_at: str(date-time)?, created_by: str(uuid), name: str, principals: [str], product_filters: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/deletion/data/{product} @desc Creates a data deletion request @required {product: str # Name of the product to be deleted, either `logs` or `rum`., data: map{attributes!: map, type!: str} # Data needed to create a data deletion request.} @returns(200) {data: map{attributes: map{created_at: str, created_by: str, from_time: int(int64), indexes: [str], is_created: bool, org_id: int(int64), product: str, query: str, starting_at: str, status: str, to_time: int(int64), total_unrestricted: int(int64), updated_at: str}, id: str, type: str}, meta: map{count_product: map, count_status: map, next_page: str, product: str, request_status: str}} # OK @errors {400: Bad Request, 403: Forbidden, 412: Precondition failed error, 429: Too many requests, 500: Internal server error} @endpoint GET /api/v2/deletion/requests @desc Gets a list of data deletion requests @optional {next_page: str # The next page of the previous search. If the next_page parameter is included, the rest of the query elements are ignored., product: str # Retrieve only the requests related to the given product., query: str # Retrieve only the requests that matches the given query., status: str # Retrieve only the requests with the given status., page_size: int(int64)=50 # Sets the page size of the search.} @returns(200) {data: [map], meta: map{count_product: map, count_status: map, next_page: str, product: str, request_status: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests, 500: Internal server error} @endpoint PUT /api/v2/deletion/requests/{id}/cancel @desc Cancels a data deletion request @required {id: str # ID of the deletion request.} @returns(200) {data: map{attributes: map{created_at: str, created_by: str, from_time: int(int64), indexes: [str], is_created: bool, org_id: int(int64), product: str, query: str, starting_at: str, status: str, to_time: int(int64), total_unrestricted: int(int64), updated_at: str}, id: str, type: str}, meta: map{count_product: map, count_status: map, next_page: str, product: str, request_status: str}} # OK @errors {400: Bad Request, 403: Forbidden, 412: Precondition failed error, 429: Too many requests, 500: Internal server error} @endpoint GET /api/v2/deployment_gates @desc Get all deployment gates @optional {page[cursor]: str # Cursor for pagination. Use the `meta.page.next_cursor` value from the previous response., page[size]: int(int64)=50 # Number of results per page. Defaults to 50. Must be between 1 and 1000.} @returns(200) {data: [map], meta: map{page: map{cursor: str, next_cursor: str, size: int(int64)}}} # OK @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 429: Too many requests, 500: Internal Server Error} @endpoint POST /api/v2/deployment_gates @desc Create deployment gate @required {data: map{attributes!: map, type!: str} # Parameters for creating a deployment gate.} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: map{handle: str, id: str, name: str}, dry_run: bool, env: str, identifier: str, service: str, updated_at: str(date-time), updated_by: map{handle: str, id: str, name: str}}, id: str, type: str}} # OK @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 429: Too many requests, 500: Internal Server Error} @endpoint GET /api/v2/deployment_gates/{gate_id}/rules @desc Get rules for a deployment gate @required {gate_id: str # The ID of the deployment gate.} @returns(200) {data: map{attributes: map{rules: [map]}, id: str, type: str}} # OK @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 429: Too many requests, 500: Internal Server Error} @endpoint POST /api/v2/deployment_gates/{gate_id}/rules @desc Create deployment rule @required {gate_id: str # The ID of the deployment gate.} @optional {data: map{attributes!: map, type!: str} # Parameters for creating a deployment rule.} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: map{handle: str, id: str, name: str}, dry_run: bool, gate_id: str, name: str, options: any, type: str, updated_at: str(date-time), updated_by: map{handle: str, id: str, name: str}}, id: str, type: str}} # OK @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 429: Too many requests, 500: Internal Server Error} @endpoint DELETE /api/v2/deployment_gates/{gate_id}/rules/{id} @desc Delete deployment rule @required {gate_id: str # The ID of the deployment gate., id: str # The ID of the deployment rule.} @returns(204) No Content @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 404: Deployment gate not found., 429: Too many requests, 500: Internal Server Error} @endpoint GET /api/v2/deployment_gates/{gate_id}/rules/{id} @desc Get deployment rule @required {gate_id: str # The ID of the deployment gate., id: str # The ID of the deployment rule.} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: map{handle: str, id: str, name: str}, dry_run: bool, gate_id: str, name: str, options: any, type: str, updated_at: str(date-time), updated_by: map{handle: str, id: str, name: str}}, id: str, type: str}} # OK @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 404: Deployment rule not found., 429: Too many requests, 500: Internal Server Error} @endpoint PUT /api/v2/deployment_gates/{gate_id}/rules/{id} @desc Update deployment rule @required {gate_id: str # The ID of the deployment gate., id: str # The ID of the deployment rule., data: map{attributes!: map, type!: str} # Parameters for updating a deployment rule.} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: map{handle: str, id: str, name: str}, dry_run: bool, gate_id: str, name: str, options: any, type: str, updated_at: str(date-time), updated_by: map{handle: str, id: str, name: str}}, id: str, type: str}} # OK @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 404: Deployment rule not found., 429: Too many requests, 500: Internal Server Error} @endpoint DELETE /api/v2/deployment_gates/{id} @desc Delete deployment gate @required {id: str # The ID of the deployment gate.} @returns(204) No Content @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 404: Deployment gate not found., 429: Too many requests, 500: Internal Server Error} @endpoint GET /api/v2/deployment_gates/{id} @desc Get deployment gate @required {id: str # The ID of the deployment gate.} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: map{handle: str, id: str, name: str}, dry_run: bool, env: str, identifier: str, service: str, updated_at: str(date-time), updated_by: map{handle: str, id: str, name: str}}, id: str, type: str}} # OK @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 404: Deployment gate not found., 429: Too many requests, 500: Internal Server Error} @endpoint PUT /api/v2/deployment_gates/{id} @desc Update deployment gate @required {id: str # The ID of the deployment gate., data: map{attributes!: map, id!: str, type!: str} # Parameters for updating a deployment gate.} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: map{handle: str, id: str, name: str}, dry_run: bool, env: str, identifier: str, service: str, updated_at: str(date-time), updated_by: map{handle: str, id: str, name: str}}, id: str, type: str}} # OK @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 404: Deployment gate not found., 429: Too many requests, 500: Internal Server Error} @endpoint POST /api/v2/deployments/gates/evaluation @desc Trigger a deployment gate evaluation @required {data: map{attributes!: map, type!: str} # Data for a deployment gate evaluation request.} @returns(202) {data: map{attributes: map{evaluation_id: str}, id: str(uuid), type: str}} # Accepted @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 404: Deployment gate not found., 429: Too many requests, 500: Internal Server Error} @endpoint GET /api/v2/deployments/gates/evaluation/{id} @desc Get a deployment gate evaluation result @required {id: str(uuid) # The evaluation ID returned by the trigger endpoint.} @returns(200) {data: map{attributes: map{dry_run: bool, evaluation_id: str, evaluation_url: str, gate_id: str(uuid), gate_status: str, rules: [map]}, id: str, type: str}} # OK @errors {400: Bad request., 401: Unauthorized, 403: Forbidden, 404: Deployment gate not found., 429: Too many requests, 500: Internal Server Error} @endpoint GET /api/v2/domain_allowlist @desc Get Domain Allowlist @returns(200) {data: map{attributes: map{domains: [str], enabled: bool}, id: str?, type: str}} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/domain_allowlist @desc Sets Domain Allowlist @required {data: map{attributes: map, id: str, type!: str} # The email domain allowlist for an org.} @returns(200) {data: map{attributes: map{domains: [str], enabled: bool}, id: str?, type: str}} # OK @errors {429: Too many requests} @endpoint POST /api/v2/dora/deployment @desc Send a deployment event @required {data: map{attributes!: map} # The JSON:API data.} @returns(200) {data: map{id: str, type: str}} # OK @returns(202) {data: map{id: str, type: str}} # OK - but delayed due to incident @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint DELETE /api/v2/dora/deployment/{deployment_id} @desc Delete a deployment event @required {deployment_id: str # The ID of the deployment event to delete.} @returns(202) Accepted @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/dora/deployments @desc Get a list of deployment events @required {data: map{attributes!: map, type: str} # The JSON:API data.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/dora/deployments/{deployment_id} @desc Get a deployment event @required {deployment_id: str # The ID of the deployment event.} @returns(200) {data: map{attributes: map{custom_tags: [str]?, env: str, finished_at: int(int64), git: map{commit_sha: str, repository_id: str}, service: str, started_at: int(int64), team: str, version: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint PATCH /api/v2/dora/deployments/{deployment_id} @desc Patch a deployment event @required {deployment_id: str # The ID of the deployment event., data: map{attributes!: map, id!: str, type!: str} # The JSON:API data for patching a deployment.} @returns(202) Accepted @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/dora/failure @desc Send an incident event @required {data: map{attributes!: map} # The JSON:API data.} @returns(200) {data: map{id: str, type: str}} # OK @returns(202) {data: map{id: str, type: str}} # OK - but delayed due to incident @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint DELETE /api/v2/dora/failure/{failure_id} @desc Delete an incident event @required {failure_id: str # The ID of the incident event to delete.} @returns(202) Accepted @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/dora/failures @desc Get a list of incident events @required {data: map{attributes!: map, type: str} # The JSON:API data.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/dora/failures/{failure_id} @desc Get an incident event @required {failure_id: str # The ID of the incident event.} @returns(200) {data: map{attributes: map{custom_tags: [str]?, env: str, finished_at: int(int64), git: map{commit_sha: str, repository_url: str}, name: str, services: [str], severity: str, started_at: int(int64), team: str, version: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/dora/incident @desc Send an incident event (legacy) @required {data: map{attributes!: map} # The JSON:API data.} @returns(200) {data: map{id: str, type: str}} # OK @returns(202) {data: map{id: str, type: str}} # OK - but delayed due to incident @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/downtime @desc Get all downtimes @optional {current_only: bool # Only return downtimes that are active when the request is made., include: str # Comma-separated list of resource paths for related resources to include in the response. Supported resource paths are `created_by` and `monitor`., page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page., page[limit]: int(int64)=30 # Maximum number of downtimes in the response.} @returns(200) {data: [map], included: [any], meta: map{page: map{total_filtered_count: int(int64)}}} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/downtime @desc Schedule a downtime @required {data: map{attributes!: map, type!: str} # Object to create a downtime.} @returns(200) {data: map{attributes: map{canceled: str(date-time)?, created: str(date-time), display_timezone: str?, message: str?, modified: str(date-time), monitor_identifier: any, mute_first_recovery_notification: bool, notify_end_states: [str], notify_end_types: [str], schedule: any, scope: str, status: str}, id: str, relationships: map{created_by: map{data: map?}, monitor: map{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/downtime/{downtime_id} @desc Cancel a downtime @required {downtime_id: str # ID of the downtime to cancel.} @returns(204) OK @errors {403: Forbidden, 404: Downtime not found, 429: Too many requests} @endpoint GET /api/v2/downtime/{downtime_id} @desc Get a downtime @required {downtime_id: str # ID of the downtime to fetch.} @optional {include: str # Comma-separated list of resource paths for related resources to include in the response. Supported resource paths are `created_by` and `monitor`.} @returns(200) {data: map{attributes: map{canceled: str(date-time)?, created: str(date-time), display_timezone: str?, message: str?, modified: str(date-time), monitor_identifier: any, mute_first_recovery_notification: bool, notify_end_states: [str], notify_end_types: [str], schedule: any, scope: str, status: str}, id: str, relationships: map{created_by: map{data: map?}, monitor: map{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/downtime/{downtime_id} @desc Update a downtime @required {downtime_id: str # ID of the downtime to update., data: map{attributes!: map, id!: str, type!: str} # Object to update a downtime.} @returns(200) {data: map{attributes: map{canceled: str(date-time)?, created: str(date-time), display_timezone: str?, message: str?, modified: str(date-time), monitor_identifier: any, mute_first_recovery_notification: bool, notify_end_states: [str], notify_end_types: [str], schedule: any, scope: str, status: str}, id: str, relationships: map{created_by: map{data: map?}, monitor: map{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Downtime not found, 429: Too many requests} @endpoint POST /api/v2/error-tracking/issues/search @desc Search error tracking issues @required {data: map{attributes!: map, type!: str} # Search issues request.} @optional {include: [str] # Comma-separated list of relationship objects that should be included in the response. Possible values are `issue`, `issue.assignee`, `issue.case`, and `issue.team_owners`.} @returns(200) {data: [map], included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/error-tracking/issues/{issue_id} @desc Get the details of an error tracking issue @required {issue_id: str # The identifier of the issue.} @optional {include: [str] # Comma-separated list of relationship objects that should be included in the response. Possible values are `assignee`, `case`, and `team_owners`.} @returns(200) {data: map{attributes: map{error_message: str, error_type: str, file_path: str, first_seen: int(int64), first_seen_version: str, function_name: str, is_crash: bool, languages: [str], last_seen: int(int64), last_seen_version: str, platform: str, service: str, state: str}, id: str, relationships: map{assignee: map{data: map}, case: map{data: map}, team_owners: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/error-tracking/issues/{issue_id}/assignee @desc Remove the assignee of an issue @required {issue_id: str # The identifier of the issue.} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/error-tracking/issues/{issue_id}/assignee @desc Update the assignee of an issue @required {issue_id: str # The identifier of the issue., data: map{id!: str, type!: str} # Update issue assignee request.} @returns(200) {data: map{attributes: map{error_message: str, error_type: str, file_path: str, first_seen: int(int64), first_seen_version: str, function_name: str, is_crash: bool, languages: [str], last_seen: int(int64), last_seen_version: str, platform: str, service: str, state: str}, id: str, relationships: map{assignee: map{data: map}, case: map{data: map}, team_owners: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/error-tracking/issues/{issue_id}/state @desc Update the state of an issue @required {issue_id: str # The identifier of the issue., data: map{attributes!: map, id!: str, type!: str} # Update issue state request.} @returns(200) {data: map{attributes: map{error_message: str, error_type: str, file_path: str, first_seen: int(int64), first_seen_version: str, function_name: str, is_crash: bool, languages: [str], last_seen: int(int64), last_seen_version: str, platform: str, service: str, state: str}, id: str, relationships: map{assignee: map{data: map}, case: map{data: map}, team_owners: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/events @desc Get a list of events @optional {filter[query]: str # Search query following events syntax., filter[from]: str # Minimum timestamp for requested events, in milliseconds., filter[to]: str # Maximum timestamp for requested events, in milliseconds., sort: str # Order of events in results., page[cursor]: str # List following results with a cursor provided in the previous query., page[limit]: int(int32)=10 # Maximum number of events in the response.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/events @desc Post an event @required {data: map{attributes!: map, type!: str} # An event object.} @returns(202) {data: map{attributes: map{attributes: map{evt: map}}, type: str}, links: map{self: str}} # OK @errors {400: Bad request, 403: Forbidden, 429: Too many requests} @example_request {"data":{"attributes":{"aggregation_key":"deduplication_key_here","attributes":{"custom":{"my-object-attribute":{"my-array-attribute":[1,2,3],"my-array-object-attribute":[{"name":"test-object-1"},{"name":"test-object-2"}],"my-integer-attribute":1},"my-string-attribute":"my-custom-value"},"links":[{"category":"runbook","title":"Datadog website","url":"https://datadoghq.com"}],"priority":"1","status":"error"},"category":"alert","message":"Something is broken!","tags":["service:my-test-service","datacenter:primary"],"title":"My Alerting Event"},"type":"event"}} @endpoint POST /api/v2/events/search @desc Search events @optional {filter: map{from: str, query: str, to: str} # The search and filter query settings., options: map{timeOffset: int(int64), timezone: str} # The global query options that are used. Either provide a timezone or a time offset but not both, otherwise the query fails., page: map{cursor: str, limit: int(int32)} # Pagination settings., sort: str(timestamp/-timestamp) # The sort parameters when querying events.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/events/{event_id} @desc Get an event @required {event_id: str # The UID of the event.} @returns(200) {data: map{attributes: map{attributes: any, message: str, tags: [str], timestamp: str}, id: str, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/feature-flags @desc List feature flags @optional {key: str # Filter feature flags by key (partial matching)., is_archived: bool # Filter by archived status., limit: int=100 # Maximum number of results to return., offset: int=0 # Number of results to skip.} @returns(200) {data: [map], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/feature-flags @desc Create a feature flag @required {data: map{attributes!: map, type!: str} # Data for creating a new feature flag.} @returns(201) {data: map{attributes: map{archived_at: str(date-time)?, created_at: str(date-time), created_by: str(uuid), description: str, distribution_channel: str, feature_flag_environments: [map], json_schema: str?, key: str, last_updated_by: str(uuid), name: str, require_approval: bool, updated_at: str(date-time), value_type: str, variants: [map]}, id: str(uuid), type: str}} # Created @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too many requests} @example_request {"data":{"attributes":{"description":"Demo feature flag with unique identifier","key":"feature-flag-demo123","name":"Feature Flag Demo123","value_type":"BOOLEAN","variants":[{"key":"variant-demo123","name":"Variant Demo123","value":"true"}]},"type":"feature-flags"}} @endpoint GET /api/v2/feature-flags/environments @desc List environments @optional {name: str # Filter environments by name (partial matching)., key: str # Filter environments by key (partial matching)., limit: int=100 # Maximum number of results to return., offset: int=0 # Number of results to skip.} @returns(200) {data: [map], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/feature-flags/environments @desc Create an environment @required {data: map{attributes!: map, type!: str} # Data for creating a new environment.} @returns(201) {data: map{attributes: map{created_at: str(date-time), description: str?, is_production: bool, key: str, name: str, queries: [str], require_feature_flag_approval: bool, updated_at: str(date-time)}, id: str(uuid), type: str}} # Created @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too many requests} @example_request {"data":{"attributes":{"name":"Environment Demo123","queries":["env-demo123","queries-demo456"]},"type":"environments"}} @endpoint DELETE /api/v2/feature-flags/environments/{environment_id} @desc Delete an environment @required {environment_id: str(uuid) # The ID of the environment.} @returns(204) No Content @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/feature-flags/environments/{environment_id} @desc Get an environment @required {environment_id: str(uuid) # The ID of the environment.} @returns(200) {data: map{attributes: map{created_at: str(date-time), description: str?, is_production: bool, key: str, name: str, queries: [str], require_feature_flag_approval: bool, updated_at: str(date-time)}, id: str(uuid), type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/feature-flags/environments/{environment_id} @desc Update an environment @required {environment_id: str(uuid) # The ID of the environment., data: map{attributes!: map, type!: str} # Data for updating an environment.} @returns(200) {data: map{attributes: map{created_at: str(date-time), description: str?, is_production: bool, key: str, name: str, queries: [str], require_feature_flag_approval: bool, updated_at: str(date-time)}, id: str(uuid), type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @example_request {"data":{"attributes":{"name":"Updated Environment XYZ789","queries":["updated-env-xyz789","updated-queries-abc456"]},"type":"environments"}} @endpoint GET /api/v2/feature-flags/{feature_flag_id} @desc Get a feature flag @required {feature_flag_id: str(uuid) # The ID of the feature flag.} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, created_at: str(date-time), created_by: str(uuid), description: str, distribution_channel: str, feature_flag_environments: [map], json_schema: str?, key: str, last_updated_by: str(uuid), name: str, require_approval: bool, updated_at: str(date-time), value_type: str, variants: [map]}, id: str(uuid), type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/feature-flags/{feature_flag_id} @desc Update a feature flag @required {feature_flag_id: str(uuid) # The ID of the feature flag., data: map{attributes!: map, type!: str} # Data for updating a feature flag.} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, created_at: str(date-time), created_by: str(uuid), description: str, distribution_channel: str, feature_flag_environments: [map], json_schema: str?, key: str, last_updated_by: str(uuid), name: str, require_approval: bool, updated_at: str(date-time), value_type: str, variants: [map]}, id: str(uuid), type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @example_request {"data":{"attributes":{"description":"Updated description for feature flag XYZ789","name":"Updated Feature Flag XYZ789"},"type":"feature-flags"}} @endpoint POST /api/v2/feature-flags/{feature_flag_id}/archive @desc Archive a feature flag @required {feature_flag_id: str(uuid) # The ID of the feature flag.} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, created_at: str(date-time), created_by: str(uuid), description: str, distribution_channel: str, feature_flag_environments: [map], json_schema: str?, key: str, last_updated_by: str(uuid), name: str, require_approval: bool, updated_at: str(date-time), value_type: str, variants: [map]}, id: str(uuid), type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/feature-flags/{feature_flag_id}/environments/{environment_id}/disable @desc Disable a feature flag in an environment @required {feature_flag_id: str(uuid) # The ID of the feature flag., environment_id: str(uuid) # The ID of the environment.} @returns(200) OK @returns(202) Accepted - Approval required for this change @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/feature-flags/{feature_flag_id}/environments/{environment_id}/enable @desc Enable a feature flag in an environment @required {feature_flag_id: str(uuid) # The ID of the feature flag., environment_id: str(uuid) # The ID of the environment.} @returns(200) OK @returns(202) Accepted - Approval required for this change @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/feature-flags/{feature_flag_id}/unarchive @desc Unarchive a feature flag @required {feature_flag_id: str(uuid) # The ID of the feature flag.} @returns(200) {data: map{attributes: map{archived_at: str(date-time)?, created_at: str(date-time), created_by: str(uuid), description: str, distribution_channel: str, feature_flag_environments: [map], json_schema: str?, key: str, last_updated_by: str(uuid), name: str, require_approval: bool, updated_at: str(date-time), value_type: str, variants: [map]}, id: str(uuid), type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/hamr @desc Get HAMR organization connection @returns(200) {data: map{attributes: map{hamr_status: int, is_primary: bool, modified_at: str, modified_by: str, target_org_datacenter: str, target_org_name: str, target_org_uuid: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/hamr @desc Create or update HAMR organization connection @required {data: map{attributes!: map, id!: str, type!: str} # Data object for a HAMR organization connection request.} @returns(200) {data: map{attributes: map{hamr_status: int, is_primary: bool, modified_at: str, modified_by: str, target_org_datacenter: str, target_org_name: str, target_org_uuid: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests, 500: Internal Server Error} @endpoint GET /api/v2/incidents @desc Get a list of incidents @optional {include: [str] # Specifies which types of related objects should be included in the response., page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page.} @returns(200) {data: [map], included: [any], meta: map{pagination: map{next_offset: int(int64), offset: int(int64), size: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/incidents @desc Create an incident @required {data: map{attributes!: map, relationships: map, type!: str} # Incident data for a create request.} @returns(201) {data: map{attributes: map{archived: str(date-time)?, case_id: int(int64)?, created: str(date-time), customer_impact_duration: int(int64), customer_impact_end: str(date-time)?, customer_impact_scope: str?, customer_impact_start: str(date-time)?, customer_impacted: bool, declared: str(date-time), declared_by: map?{image_48_px: str, name: str}, declared_by_uuid: str?, detected: str(date-time)?, fields: map, incident_type_uuid: str, is_test: bool, modified: str(date-time), non_datadog_creator: map?{image_48_px: str, name: str}, notification_handles: [map]?, public_id: int(int64), resolved: str(date-time)?, severity: str, state: str?, time_to_detect: int(int64), time_to_internal_response: int(int64), time_to_repair: int(int64), time_to_resolve: int(int64), title: str, visibility: str?}, id: str, relationships: map{attachments: map{data: [map]}, commander_user: map?{data: map?}, created_by_user: map{data: map}, declared_by_user: map{data: map}, impacts: map{data: [map]}, integrations: map{data: [map]}, last_modified_by_user: map{data: map}, responders: map{data: [map]}, user_defined_fields: map{data: [map]}}, type: str}, included: [any]} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/incidents/config/global/incident-handles @desc Delete global incident handle @returns(204) No Content @errors {400: Bad Request, 429: Too many requests} @endpoint GET /api/v2/incidents/config/global/incident-handles @desc List global incident handles @optional {include: str # Comma-separated list of related resources to include in the response} @returns(200) {data: [map], included: [any]} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint POST /api/v2/incidents/config/global/incident-handles @desc Create global incident handle @required {data: map{attributes!: map, id: str, relationships: map, type!: str} # Data object representing an incident handle in a create or update request.} @optional {include: str # Comma-separated list of related resources to include in the response} @returns(201) {data: map{attributes: map{created_at: str(date-time), fields: map{severity: [str]}, modified_at: str(date-time), name: str}, id: str, relationships: map?{commander_user: map{data: map}, created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 429: Too many requests} @endpoint PUT /api/v2/incidents/config/global/incident-handles @desc Update global incident handle @required {data: map{attributes!: map, id: str, relationships: map, type!: str} # Data object representing an incident handle in a create or update request.} @optional {include: str # Comma-separated list of related resources to include in the response} @returns(200) {data: map{attributes: map{created_at: str(date-time), fields: map{severity: [str]}, modified_at: str(date-time), name: str}, id: str, relationships: map?{commander_user: map{data: map}, created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint GET /api/v2/incidents/config/global/settings @desc Get global incident settings @returns(200) {data: map{attributes: map{analytics_dashboard_id: str, created: str(date-time), modified: str(date-time)}, id: str, type: str}} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint PATCH /api/v2/incidents/config/global/settings @desc Update global incident settings @required {data: map{attributes: map, type!: str} # Data object in the global incident settings request.} @returns(200) {data: map{attributes: map{analytics_dashboard_id: str, created: str(date-time), modified: str(date-time)}, id: str, type: str}} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint GET /api/v2/incidents/config/notification-rules @desc List incident notification rules @optional {include: str # Comma-separated list of resources to include. Supported values: `created_by_user`, `last_modified_by_user`, `incident_type`, `notification_template`} @returns(200) {data: [map], included: [any], meta: map{pagination: map{next_offset: int(int64), offset: int(int64), size: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/incidents/config/notification-rules @desc Create an incident notification rule @required {data: map{attributes!: map, relationships: map, type!: str} # Notification rule data for a create request.} @returns(201) {data: map{attributes: map{conditions: [map], created: str(date-time), enabled: bool, handles: [str], modified: str(date-time), renotify_on: [str], trigger: str, visibility: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}, notification_template: map{data: map}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/incidents/config/notification-rules/{id} @desc Delete an incident notification rule @required {id: str(uuid) # The ID of the notification rule.} @optional {include: str # Comma-separated list of resources to include. Supported values: `created_by_user`, `last_modified_by_user`, `incident_type`, `notification_template`} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/config/notification-rules/{id} @desc Get an incident notification rule @required {id: str(uuid) # The ID of the notification rule.} @optional {include: str # Comma-separated list of resources to include. Supported values: `created_by_user`, `last_modified_by_user`, `incident_type`, `notification_template`} @returns(200) {data: map{attributes: map{conditions: [map], created: str(date-time), enabled: bool, handles: [str], modified: str(date-time), renotify_on: [str], trigger: str, visibility: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}, notification_template: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/incidents/config/notification-rules/{id} @desc Update an incident notification rule @required {id: str(uuid) # The ID of the notification rule., data: map{attributes!: map, id!: str(uuid), relationships: map, type!: str} # Notification rule data for an update request.} @optional {include: str # Comma-separated list of resources to include. Supported values: `created_by_user`, `last_modified_by_user`, `incident_type`, `notification_template`} @returns(200) {data: map{attributes: map{conditions: [map], created: str(date-time), enabled: bool, handles: [str], modified: str(date-time), renotify_on: [str], trigger: str, visibility: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}, notification_template: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/config/notification-templates @desc List incident notification templates @optional {filter[incident-type]: str(uuid) # Optional incident type ID filter., include: str # Comma-separated list of relationships to include. Supported values: `created_by_user`, `last_modified_by_user`, `incident_type`} @returns(200) {data: [map], included: [any], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/incidents/config/notification-templates @desc Create incident notification template @required {data: map{attributes!: map, relationships: map, type!: str} # Notification template data for a create request.} @returns(201) {data: map{attributes: map{category: str, content: str, created: str(date-time), modified: str(date-time), name: str, subject: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/incidents/config/notification-templates/{id} @desc Delete a notification template @required {id: str(uuid) # The ID of the notification template.} @optional {include: str # Comma-separated list of relationships to include. Supported values: `created_by_user`, `last_modified_by_user`, `incident_type`} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/config/notification-templates/{id} @desc Get incident notification template @required {id: str(uuid) # The ID of the notification template.} @optional {include: str # Comma-separated list of relationships to include. Supported values: `created_by_user`, `last_modified_by_user`, `incident_type`} @returns(200) {data: map{attributes: map{category: str, content: str, created: str(date-time), modified: str(date-time), name: str, subject: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/incidents/config/notification-templates/{id} @desc Update incident notification template @required {id: str(uuid) # The ID of the notification template., data: map{attributes: map, id!: str(uuid), type!: str} # Notification template data for an update request.} @optional {include: str # Comma-separated list of relationships to include. Supported values: `created_by_user`, `last_modified_by_user`, `incident_type`} @returns(200) {data: map{attributes: map{category: str, content: str, created: str(date-time), modified: str(date-time), name: str, subject: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/config/postmortem-templates @desc List postmortem templates @returns(200) {data: [map]} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint POST /api/v2/incidents/config/postmortem-templates @desc Create postmortem template @required {data: map{attributes!: map, type!: str} # Data object for creating or updating a postmortem template.} @returns(201) {data: map{attributes: map{createdAt: str(date-time), modifiedAt: str(date-time), name: str}, id: str, type: str}} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/incidents/config/postmortem-templates/{template_id} @desc Delete postmortem template @required {template_id: str # The ID of the postmortem template} @returns(204) No Content @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/config/postmortem-templates/{template_id} @desc Get postmortem template @required {template_id: str # The ID of the postmortem template} @returns(200) {data: map{attributes: map{createdAt: str(date-time), modifiedAt: str(date-time), name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/incidents/config/postmortem-templates/{template_id} @desc Update postmortem template @required {template_id: str # The ID of the postmortem template, data: map{attributes!: map, type!: str} # Data object for creating or updating a postmortem template.} @returns(200) {data: map{attributes: map{createdAt: str(date-time), modifiedAt: str(date-time), name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/config/types @desc Get a list of incident types @optional {include_deleted: bool=false # Include deleted incident types in the response.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/incidents/config/types @desc Create an incident type @required {data: map{attributes!: map, type!: str} # Incident type data for a create request.} @returns(201) {data: map{attributes: map{createdAt: str(date-time), createdBy: str, description: str, is_default: bool, lastModifiedBy: str, modifiedAt: str(date-time), name: str, prefix: str}, id: str, relationships: map{created_by_user: map{data: map}, google_meet_configuration: map?{data: map?}, last_modified_by_user: map{data: map}, microsoft_teams_configuration: map?{data: map?}, zoom_configuration: map?{data: map?}}, type: str}} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/incidents/config/types/{incident_type_id} @desc Delete an incident type @required {incident_type_id: str # The UUID of the incident type.} @returns(204) OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/config/types/{incident_type_id} @desc Get incident type details @required {incident_type_id: str # The UUID of the incident type.} @returns(200) {data: map{attributes: map{createdAt: str(date-time), createdBy: str, description: str, is_default: bool, lastModifiedBy: str, modifiedAt: str(date-time), name: str, prefix: str}, id: str, relationships: map{created_by_user: map{data: map}, google_meet_configuration: map?{data: map?}, last_modified_by_user: map{data: map}, microsoft_teams_configuration: map?{data: map?}, zoom_configuration: map?{data: map?}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/incidents/config/types/{incident_type_id} @desc Update an incident type @required {incident_type_id: str # The UUID of the incident type., data: map{attributes!: map, id!: str, type!: str} # Incident type data for a patch request.} @returns(200) {data: map{attributes: map{createdAt: str(date-time), createdBy: str, description: str, is_default: bool, lastModifiedBy: str, modifiedAt: str(date-time), name: str, prefix: str}, id: str, relationships: map{created_by_user: map{data: map}, google_meet_configuration: map?{data: map?}, last_modified_by_user: map{data: map}, microsoft_teams_configuration: map?{data: map?}, zoom_configuration: map?{data: map?}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/config/user-defined-fields @desc Get a list of incident user-defined fields @optional {page[size]: int(int64)=1000 # The number of results to return per page. Must be between 0 and 1000., page[number]: int(int64)=0 # The page number to retrieve, starting at 0., include-deleted: bool=false # When true, include soft-deleted fields in the response., filter[incident-type]: str # Filter results to fields associated with the given incident type UUID., include: str # Comma-separated list of related resources to include. Supported values are "last_modified_by_user", "created_by_user", and "incident_type".} @returns(200) {data: [map], meta: map{offset: int(int64), size: int(int64)}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/incidents/config/user-defined-fields @desc Create an incident user-defined field @required {data: map{attributes!: map, relationships!: map, type!: str} # Data for creating an incident user-defined field.} @optional {include: str # Comma-separated list of related resources to include. Supported values are "last_modified_by_user", "created_by_user", and "incident_type".} @returns(201) {data: map{attributes: map{attached_to: str, category: str?, collected: str?, created: str(date-time), default_value: str?, deleted: str(date-time)?, display_name: str, metadata: map?{category: str, search_limit_param: str, search_params: map, search_query_param: str, search_result_path: str, search_url: str}, modified: str(date-time)?, name: str, ordinal: str?, prerequisite: str?, required: bool, reserved: bool, table_id: int(int64), tag_key: str?, type: int(int32)?, valid_values: [map]?}, id: str, relationships: map{created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}}, type: str}} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/incidents/config/user-defined-fields/{field_id} @desc Delete an incident user-defined field @required {field_id: str # The ID of the incident user-defined field.} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/config/user-defined-fields/{field_id} @desc Get an incident user-defined field @required {field_id: str # The ID of the incident user-defined field.} @optional {include: str # Comma-separated list of related resources to include. Supported values are "last_modified_by_user", "created_by_user", and "incident_type".} @returns(200) {data: map{attributes: map{attached_to: str, category: str?, collected: str?, created: str(date-time), default_value: str?, deleted: str(date-time)?, display_name: str, metadata: map?{category: str, search_limit_param: str, search_params: map, search_query_param: str, search_result_path: str, search_url: str}, modified: str(date-time)?, name: str, ordinal: str?, prerequisite: str?, required: bool, reserved: bool, table_id: int(int64), tag_key: str?, type: int(int32)?, valid_values: [map]?}, id: str, relationships: map{created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}}, type: str}} # OK @errors {401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/incidents/config/user-defined-fields/{field_id} @desc Update an incident user-defined field @required {field_id: str # The ID of the incident user-defined field., data: map{attributes!: map, id!: str, type!: str} # Data for updating an incident user-defined field.} @optional {include: str # Comma-separated list of related resources to include. Supported values are "last_modified_by_user", "created_by_user", and "incident_type".} @returns(200) {data: map{attributes: map{attached_to: str, category: str?, collected: str?, created: str(date-time), default_value: str?, deleted: str(date-time)?, display_name: str, metadata: map?{category: str, search_limit_param: str, search_params: map, search_query_param: str, search_result_path: str, search_url: str}, modified: str(date-time)?, name: str, ordinal: str?, prerequisite: str?, required: bool, reserved: bool, table_id: int(int64), tag_key: str?, type: int(int32)?, valid_values: [map]?}, id: str, relationships: map{created_by_user: map{data: map}, incident_type: map{data: map}, last_modified_by_user: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/incidents/import @desc Import an incident @required {data: map{attributes!: map, relationships: map, type!: str} # Incident data for an import request.} @optional {include: [str] # Specifies which related object types to include in the response when importing an incident.} @returns(201) {data: map{attributes: map{archived: str(date-time)?, case_id: int(int64)?, created: str(date-time), created_by_uuid: str?, creation_idempotency_key: str?, customer_impact_end: str(date-time)?, customer_impact_scope: str?, customer_impact_start: str(date-time)?, declared: str(date-time)?, declared_by_uuid: str?, detected: str(date-time)?, fields: map, incident_type_uuid: str, is_test: bool, last_modified_by_uuid: str?, modified: str(date-time), non_datadog_creator: map?{image_48_px: str, name: str}, notification_handles: [map]?, public_id: int(int64), resolved: str(date-time)?, severity: str, state: str?, title: str, visibility: str?}, id: str, relationships: map{attachments: map{data: [map]}, commander_user: map?{data: map?}, created_by_user: map{data: map}, declared_by_user: map{data: map}, impacts: map{data: [map]}, incident_type: map{data: map}, integrations: map{data: [map]}, last_modified_by_user: map{data: map}, responders: map{data: [map]}, user_defined_fields: map{data: [map]}}, type: str}, included: [any]} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/search @desc Search for incidents @required {query: str # Specifies which incidents should be returned. The query can contain any number of incident facets joined by `ANDs`, along with multiple values for each of those facets joined by `OR`s. For example: `state:active AND severity:(SEV-2 OR SEV-1)`.} @optional {include: str # Specifies which types of related objects should be included in the response., sort: str # Specifies the order of returned incidents., page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page.} @returns(200) {data: map{attributes: map{facets: map{commander: [map], created_by: [map], fields: [map], impact: [map], last_modified_by: [map], postmortem: [map], responder: [map], severity: [map], state: [map], time_to_repair: [map], time_to_resolve: [map]}, incidents: [map], total: int(int32)}, type: str}, included: [any], meta: map{pagination: map{next_offset: int(int64), offset: int(int64), size: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/incidents/{incident_id} @desc Delete an existing incident @required {incident_id: str # The UUID of the incident.} @returns(204) OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/{incident_id} @desc Get the details of an incident @required {incident_id: str # The UUID of the incident.} @optional {include: [str] # Specifies which types of related objects should be included in the response.} @returns(200) {data: map{attributes: map{archived: str(date-time)?, case_id: int(int64)?, created: str(date-time), customer_impact_duration: int(int64), customer_impact_end: str(date-time)?, customer_impact_scope: str?, customer_impact_start: str(date-time)?, customer_impacted: bool, declared: str(date-time), declared_by: map?{image_48_px: str, name: str}, declared_by_uuid: str?, detected: str(date-time)?, fields: map, incident_type_uuid: str, is_test: bool, modified: str(date-time), non_datadog_creator: map?{image_48_px: str, name: str}, notification_handles: [map]?, public_id: int(int64), resolved: str(date-time)?, severity: str, state: str?, time_to_detect: int(int64), time_to_internal_response: int(int64), time_to_repair: int(int64), time_to_resolve: int(int64), title: str, visibility: str?}, id: str, relationships: map{attachments: map{data: [map]}, commander_user: map?{data: map?}, created_by_user: map{data: map}, declared_by_user: map{data: map}, impacts: map{data: [map]}, integrations: map{data: [map]}, last_modified_by_user: map{data: map}, responders: map{data: [map]}, user_defined_fields: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/incidents/{incident_id} @desc Update an existing incident @required {incident_id: str # The UUID of the incident., data: map{attributes: map, id!: str, relationships: map, type!: str} # Incident data for an update request.} @optional {include: [str] # Specifies which types of related objects should be included in the response.} @returns(200) {data: map{attributes: map{archived: str(date-time)?, case_id: int(int64)?, created: str(date-time), customer_impact_duration: int(int64), customer_impact_end: str(date-time)?, customer_impact_scope: str?, customer_impact_start: str(date-time)?, customer_impacted: bool, declared: str(date-time), declared_by: map?{image_48_px: str, name: str}, declared_by_uuid: str?, detected: str(date-time)?, fields: map, incident_type_uuid: str, is_test: bool, modified: str(date-time), non_datadog_creator: map?{image_48_px: str, name: str}, notification_handles: [map]?, public_id: int(int64), resolved: str(date-time)?, severity: str, state: str?, time_to_detect: int(int64), time_to_internal_response: int(int64), time_to_repair: int(int64), time_to_resolve: int(int64), title: str, visibility: str?}, id: str, relationships: map{attachments: map{data: [map]}, commander_user: map?{data: map?}, created_by_user: map{data: map}, declared_by_user: map{data: map}, impacts: map{data: [map]}, integrations: map{data: [map]}, last_modified_by_user: map{data: map}, responders: map{data: [map]}, user_defined_fields: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/{incident_id}/attachments @desc List incident attachments @required {incident_id: str # The UUID of the incident.} @optional {filter[attachment_type]: str # Filter attachments by type. Supported values are `1` (`postmortem`) and `2` (`link`)., include: str # Resource to include in the response. Supported value: `last_modified_by_user`.} @returns(200) {data: [map], included: [any]} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint POST /api/v2/incidents/{incident_id}/attachments @desc Create incident attachment @required {incident_id: str # The UUID of the incident.} @optional {include: str # Resource to include in the response. Supported value: `last_modified_by_user`., data: map{attributes: map, id: str, type!: str} # Attachment data for a create request.} @returns(201) {data: map{attributes: map{attachment: map{documentUrl: str, title: str}, attachment_type: str, modified: str(date-time)}, id: str, relationships: map{incident: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/incidents/{incident_id}/attachments/postmortems @desc Create postmortem attachment @required {incident_id: str # The ID of the incident, data: map{attributes!: map, type!: str} # Postmortem attachment data} @returns(201) {data: map{attributes: map{attachment: map{documentUrl: str, title: str}, attachment_type: str, modified: str(date-time)}, id: str, relationships: map{incident: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 429: Too many requests} @endpoint DELETE /api/v2/incidents/{incident_id}/attachments/{attachment_id} @desc Delete incident attachment @required {incident_id: str # The UUID of the incident., attachment_id: str # The ID of the attachment.} @returns(204) No Content @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/incidents/{incident_id}/attachments/{attachment_id} @desc Update incident attachment @required {incident_id: str # The UUID of the incident., attachment_id: str # The ID of the attachment.} @optional {include: str # Resource to include in the response. Supported value: `last_modified_by_user`., data: map{attributes: map, id: str, type!: str} # Attachment data for an update request.} @returns(200) {data: map{attributes: map{attachment: map{documentUrl: str, title: str}, attachment_type: str, modified: str(date-time)}, id: str, relationships: map{incident: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/{incident_id}/impacts @desc List an incident's impacts @required {incident_id: str # The UUID of the incident.} @optional {include: [str] # Specifies which related resources should be included in the response.} @returns(200) {data: [map], included: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/incidents/{incident_id}/impacts @desc Create an incident impact @required {incident_id: str # The UUID of the incident., data: map{attributes!: map, type!: str} # Incident impact data for a create request.} @optional {include: [str] # Specifies which related resources should be included in the response.} @returns(201) {data: map{attributes: map{created: str(date-time), description: str, end_at: str(date-time)?, fields: map?, impact_type: str, modified: str(date-time), start_at: str(date-time)}, id: str, relationships: map{created_by_user: map{data: map}, incident: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [map]} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/incidents/{incident_id}/impacts/{impact_id} @desc Delete an incident impact @required {incident_id: str # The UUID of the incident., impact_id: str # The UUID of the incident impact.} @returns(204) No Content @errors {401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/{incident_id}/relationships/integrations @desc Get a list of an incident's integration metadata @required {incident_id: str # The UUID of the incident.} @returns(200) {data: [map], included: [any], meta: map{pagination: map{next_offset: int(int64), offset: int(int64), size: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/incidents/{incident_id}/relationships/integrations @desc Create an incident integration metadata @required {incident_id: str # The UUID of the incident., data: map{attributes!: map, type!: str} # Incident integration metadata data for a create request.} @returns(201) {data: map{attributes: map{created: str(date-time), incident_id: str, integration_type: int(int32), metadata: any, modified: str(date-time), status: int(int32)}, id: str, relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/incidents/{incident_id}/relationships/integrations/{integration_metadata_id} @desc Delete an incident integration metadata @required {incident_id: str # The UUID of the incident., integration_metadata_id: str # The UUID of the incident integration metadata.} @returns(204) OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/{incident_id}/relationships/integrations/{integration_metadata_id} @desc Get incident integration metadata details @required {incident_id: str # The UUID of the incident., integration_metadata_id: str # The UUID of the incident integration metadata.} @returns(200) {data: map{attributes: map{created: str(date-time), incident_id: str, integration_type: int(int32), metadata: any, modified: str(date-time), status: int(int32)}, id: str, relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/incidents/{incident_id}/relationships/integrations/{integration_metadata_id} @desc Update an existing incident integration metadata @required {incident_id: str # The UUID of the incident., integration_metadata_id: str # The UUID of the incident integration metadata., data: map{attributes!: map, type!: str} # Incident integration metadata data for a patch request.} @returns(200) {data: map{attributes: map{created: str(date-time), incident_id: str, integration_type: int(int32), metadata: any, modified: str(date-time), status: int(int32)}, id: str, relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/{incident_id}/relationships/todos @desc Get a list of an incident's todos @required {incident_id: str # The UUID of the incident.} @returns(200) {data: [map], included: [any], meta: map{pagination: map{next_offset: int(int64), offset: int(int64), size: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/incidents/{incident_id}/relationships/todos @desc Create an incident todo @required {incident_id: str # The UUID of the incident., data: map{attributes!: map, type!: str} # Incident todo data for a create request.} @returns(201) {data: map{attributes: map{assignees: [any], completed: str?, content: str, created: str(date-time), due_date: str?, incident_id: str, modified: str(date-time)}, id: str, relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/incidents/{incident_id}/relationships/todos/{todo_id} @desc Delete an incident todo @required {incident_id: str # The UUID of the incident., todo_id: str # The UUID of the incident todo.} @returns(204) OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/incidents/{incident_id}/relationships/todos/{todo_id} @desc Get incident todo details @required {incident_id: str # The UUID of the incident., todo_id: str # The UUID of the incident todo.} @returns(200) {data: map{attributes: map{assignees: [any], completed: str?, content: str, created: str(date-time), due_date: str?, incident_id: str, modified: str(date-time)}, id: str, relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/incidents/{incident_id}/relationships/todos/{todo_id} @desc Update an incident todo @required {incident_id: str # The UUID of the incident., todo_id: str # The UUID of the incident todo., data: map{attributes!: map, type!: str} # Incident todo data for a patch request.} @returns(200) {data: map{attributes: map{assignees: [any], completed: str?, content: str, created: str(date-time), due_date: str?, incident_id: str, modified: str(date-time)}, id: str, relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/aws/accounts @desc List all AWS integrations @optional {aws_account_id: str # Optional query parameter to filter accounts by AWS Account ID. If not provided, all accounts are returned.} @returns(200) {data: [map]} # AWS Accounts List object @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/integration/aws/accounts @desc Create an AWS integration @required {data: map{attributes!: map, type!: str} # AWS Account Create Request data.} @returns(200) {data: map{attributes: map{account_tags: [str]?, auth_config: any, aws_account_id: str, aws_partition: str, aws_regions: any, created_at: str(date-time), logs_config: map{lambda_forwarder: map}, metrics_config: map{automute_enabled: bool, collect_cloudwatch_alarms: bool, collect_custom_metrics: bool, enabled: bool, namespace_filters: any, tag_filters: [map]}, modified_at: str(date-time), resources_config: map{cloud_security_posture_management_collection: bool, extended_collection: bool}, traces_config: map{xray_services: any}}, id: str, type: str}} # AWS Account object @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/integration/aws/accounts/{aws_account_config_id} @desc Delete an AWS integration @required {aws_account_config_id: str # Unique Datadog ID of the AWS Account Integration Config. To get the config ID for an account, use the [List all AWS integrations](https://docs.datadoghq.com/api/latest/aws-integration/#list-all-aws-integrations) endpoint and query by AWS Account ID.} @returns(204) No Content @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/aws/accounts/{aws_account_config_id} @desc Get an AWS integration by config ID @required {aws_account_config_id: str # Unique Datadog ID of the AWS Account Integration Config. To get the config ID for an account, use the [List all AWS integrations](https://docs.datadoghq.com/api/latest/aws-integration/#list-all-aws-integrations) endpoint and query by AWS Account ID.} @returns(200) {data: map{attributes: map{account_tags: [str]?, auth_config: any, aws_account_id: str, aws_partition: str, aws_regions: any, created_at: str(date-time), logs_config: map{lambda_forwarder: map}, metrics_config: map{automute_enabled: bool, collect_cloudwatch_alarms: bool, collect_custom_metrics: bool, enabled: bool, namespace_filters: any, tag_filters: [map]}, modified_at: str(date-time), resources_config: map{cloud_security_posture_management_collection: bool, extended_collection: bool}, traces_config: map{xray_services: any}}, id: str, type: str}} # AWS Account object @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/integration/aws/accounts/{aws_account_config_id} @desc Update an AWS integration @required {aws_account_config_id: str # Unique Datadog ID of the AWS Account Integration Config. To get the config ID for an account, use the [List all AWS integrations](https://docs.datadoghq.com/api/latest/aws-integration/#list-all-aws-integrations) endpoint and query by AWS Account ID., data: map{attributes!: map, id: str, type!: str} # AWS Account Update Request data.} @returns(200) {data: map{attributes: map{account_tags: [str]?, auth_config: any, aws_account_id: str, aws_partition: str, aws_regions: any, created_at: str(date-time), logs_config: map{lambda_forwarder: map}, metrics_config: map{automute_enabled: bool, collect_cloudwatch_alarms: bool, collect_custom_metrics: bool, enabled: bool, namespace_filters: any, tag_filters: [map]}, modified_at: str(date-time), resources_config: map{cloud_security_posture_management_collection: bool, extended_collection: bool}, traces_config: map{xray_services: any}}, id: str, type: str}} # AWS Account object @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/integration/aws/accounts/{aws_account_config_id}/ccm_config @desc Delete AWS CCM config @required {aws_account_config_id: str # Unique Datadog ID of the AWS Account Integration Config. To get the config ID for an account, use the [List all AWS integrations](https://docs.datadoghq.com/api/latest/aws-integration/#list-all-aws-integrations) endpoint and query by AWS Account ID.} @returns(204) No Content @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/aws/accounts/{aws_account_config_id}/ccm_config @desc Get AWS CCM config @required {aws_account_config_id: str # Unique Datadog ID of the AWS Account Integration Config. To get the config ID for an account, use the [List all AWS integrations](https://docs.datadoghq.com/api/latest/aws-integration/#list-all-aws-integrations) endpoint and query by AWS Account ID.} @returns(200) {data: map{attributes: map{data_export_configs: [map]}, id: str, type: str}} # AWS CCM Config object @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/integration/aws/accounts/{aws_account_config_id}/ccm_config @desc Update AWS CCM config @required {aws_account_config_id: str # Unique Datadog ID of the AWS Account Integration Config. To get the config ID for an account, use the [List all AWS integrations](https://docs.datadoghq.com/api/latest/aws-integration/#list-all-aws-integrations) endpoint and query by AWS Account ID., data: map{attributes!: map, type!: str} # AWS CCM Config Create/Update Request data.} @returns(200) {data: map{attributes: map{data_export_configs: [map]}, id: str, type: str}} # AWS CCM Config object @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/integration/aws/accounts/{aws_account_config_id}/ccm_config @desc Create AWS CCM config @required {aws_account_config_id: str # Unique Datadog ID of the AWS Account Integration Config. To get the config ID for an account, use the [List all AWS integrations](https://docs.datadoghq.com/api/latest/aws-integration/#list-all-aws-integrations) endpoint and query by AWS Account ID., data: map{attributes!: map, type!: str} # AWS CCM Config Create/Update Request data.} @returns(200) {data: map{attributes: map{data_export_configs: [map]}, id: str, type: str}} # AWS CCM Config object @errors {403: Forbidden, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/integration/aws/available_namespaces @desc List available namespaces @returns(200) {data: map{attributes: map{namespaces: [str]}, id: str, type: str}} # AWS Namespaces List object @errors {403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/integration/aws/event_bridge @desc Delete an Amazon EventBridge source @required {data: map{attributes!: map, type!: str} # Amazon EventBridge delete request data.} @returns(200) {data: map{attributes: map{status: str}, id: str, type: str}} # Amazon EventBridge source deleted. @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/integration/aws/event_bridge @desc Get all Amazon EventBridge sources @returns(200) {data: map{attributes: map{accounts: [map], is_installed: bool}, id: str, type: str}} # Amazon EventBridge sources list. @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/integration/aws/event_bridge @desc Create an Amazon EventBridge source @required {data: map{attributes!: map, type!: str} # Amazon EventBridge create request data.} @returns(200) {data: map{attributes: map{event_source_name: str, has_bus: bool, region: str, status: str}, id: str, type: str}} # Amazon EventBridge source created. @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too many requests} @endpoint POST /api/v2/integration/aws/generate_new_external_id @desc Generate a new external ID @returns(200) {data: map{attributes: map{external_id: str}, id: str, type: str}} # AWS External ID object @errors {403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/integration/aws/iam_permissions @desc Get AWS integration IAM permissions @returns(200) {data: map{attributes: map{permissions: [str]}, id: str, type: str}} # AWS IAM Permissions object @errors {429: Too many requests} @endpoint GET /api/v2/integration/aws/iam_permissions/resource_collection @desc Get resource collection IAM permissions @returns(200) {data: map{attributes: map{permissions: [str]}, id: str, type: str}} # AWS integration resource collection IAM permissions. @errors {429: Too many requests} @endpoint GET /api/v2/integration/aws/iam_permissions/standard @desc Get AWS integration standard IAM permissions @returns(200) {data: map{attributes: map{permissions: [str]}, id: str, type: str}} # AWS integration standard IAM permissions. @errors {429: Too many requests} @endpoint GET /api/v2/integration/aws/logs/services @desc Get list of AWS log ready services @returns(200) {data: map{attributes: map{logs_services: [str]}, id: str, type: str}} # AWS Logs Services List object @errors {403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/integration/gcp/accounts @desc List all GCP STS-enabled service accounts @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/integration/gcp/accounts @desc Create a new entry for your service account @optional {data: map{attributes: map, type: str} # Additional metadata on your generated service account.} @returns(201) {data: map{attributes: map{account_tags: [str], automute: bool, client_email: str, cloud_run_revision_filters: [str], host_filters: [str], is_cspm_enabled: bool, is_global_location_enabled: bool, is_per_project_quota_enabled: bool, is_resource_change_collection_enabled: bool, is_security_command_center_enabled: bool, metric_namespace_configs: [map], monitored_resource_configs: [map], region_filter_configs: [str], resource_collection_enabled: bool}, id: str, meta: map{accessible_projects: [str]}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/integration/gcp/accounts/{account_id} @desc Delete an STS enabled GCP Account @required {account_id: str # Your GCP STS enabled service account's unique ID.} @returns(204) No Content @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint PATCH /api/v2/integration/gcp/accounts/{account_id} @desc Update STS Service Account @required {account_id: str # Your GCP STS enabled service account's unique ID.} @optional {data: map{attributes: map, id: str, type: str} # Data on your service account.} @returns(201) {data: map{attributes: map{account_tags: [str], automute: bool, client_email: str, cloud_run_revision_filters: [str], host_filters: [str], is_cspm_enabled: bool, is_global_location_enabled: bool, is_per_project_quota_enabled: bool, is_resource_change_collection_enabled: bool, is_security_command_center_enabled: bool, metric_namespace_configs: [map], monitored_resource_configs: [map], region_filter_configs: [str], resource_collection_enabled: bool}, id: str, meta: map{accessible_projects: [str]}, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/gcp/sts_delegate @desc List delegate account @returns(200) {data: map{attributes: map{delegate_account_email: str}, id: str, type: str}} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/integration/gcp/sts_delegate @desc Create a Datadog GCP principal @returns(200) {data: map{attributes: map{delegate_account_email: str}, id: str, type: str}} # OK @errors {403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/integration/google-chat/organizations/app/named-spaces/{domain_name}/{space_display_name} @desc Get space information by display name @required {domain_name: str # The Google Chat domain name., space_display_name: str # The Google Chat space display name.} @returns(200) {data: map{attributes: map{display_name: str, organization_binding_id: str, resource_name: str, space_uri: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/google-chat/organizations/{organization_binding_id}/organization-handles @desc Get all organization handles @required {organization_binding_id: str # Your organization binding ID.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/integration/google-chat/organizations/{organization_binding_id}/organization-handles @desc Create organization handle @required {organization_binding_id: str # Your organization binding ID., data: map{attributes!: map} # Organization handle data for a create request., type: str=google-chat-organization-handle # Organization handle resource type.} @returns(201) {data: map{attributes: map{name: str, space_display_name: str, space_resource_name: str}, id: str, type: str}} # CREATED @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/integration/google-chat/organizations/{organization_binding_id}/organization-handles/{handle_id} @desc Delete organization handle @required {organization_binding_id: str # Your organization binding ID., handle_id: str # Your organization handle ID.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/integration/google-chat/organizations/{organization_binding_id}/organization-handles/{handle_id} @desc Get organization handle @required {organization_binding_id: str # Your organization binding ID., handle_id: str # Your organization handle ID.} @returns(200) {data: map{attributes: map{name: str, space_display_name: str, space_resource_name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/integration/google-chat/organizations/{organization_binding_id}/organization-handles/{handle_id} @desc Update organization handle @required {organization_binding_id: str # Your organization binding ID., handle_id: str # Your organization handle ID., data: map{attributes!: map} # Organization handle data for an update request., type: str=google-chat-organization-handle # Organization handle resource type.} @returns(200) {data: map{attributes: map{name: str, space_display_name: str, space_resource_name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/integration/jira/accounts @desc List Jira accounts @returns(200) {data: [map], meta: map{public_key: str}} # OK @errors {404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/integration/jira/accounts/{account_id} @desc Delete Jira account @required {account_id: str(uuid) # The ID of the Jira account to delete} @returns(204) No Content @errors {400: Bad Request, 429: Too many requests} @endpoint GET /api/v2/integration/jira/issue-templates @desc List Jira issue templates @returns(200) {data: [map], included: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/integration/jira/issue-templates @desc Create Jira issue template @optional {data: map{attributes: map, type: str} # Data object for creating a Jira issue template} @returns(201) {data: map{attributes: map{fields: map, issue_type_id: str, name: str, project_id: str}, id: str(uuid), relationships: map{jira-account: map{data: map}}, type: str}, included: [map]} # Created @errors {400: Bad Request, 429: Too many requests} @endpoint DELETE /api/v2/integration/jira/issue-templates/{issue_template_id} @desc Delete Jira issue template @required {issue_template_id: str(uuid) # The ID of the Jira issue template to delete} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/integration/jira/issue-templates/{issue_template_id} @desc Get Jira issue template @required {issue_template_id: str(uuid) # The ID of the Jira issue template to retrieve} @returns(200) {data: map{attributes: map{fields: map, issue_type_id: str, name: str, project_id: str}, id: str(uuid), relationships: map{jira-account: map{data: map}}, type: str}, included: [map]} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint PATCH /api/v2/integration/jira/issue-templates/{issue_template_id} @desc Update Jira issue template @required {issue_template_id: str(uuid) # The ID of the Jira issue template to update, data: map{attributes!: map, type!: str} # Data object for updating a Jira issue template} @returns(200) {data: map{attributes: map{fields: map, issue_type_id: str, name: str, project_id: str}, id: str(uuid), relationships: map{jira-account: map{data: map}}, type: str}, included: [map]} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint GET /api/v2/integration/ms-teams/configuration/channel/{tenant_name}/{team_name}/{channel_name} @desc Get channel information by name @required {tenant_name: str # Your tenant name., team_name: str # Your team name., channel_name: str # Your channel name.} @returns(200) {data: map{attributes: map{is_primary: bool, team_id: str, tenant_id: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/ms-teams/configuration/tenant-based-handles @desc Get all tenant-based handles @optional {tenant_id: str # Your tenant id., name: str # Your tenant-based handle name.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 412: Failed Precondition, 429: Too many requests} @endpoint POST /api/v2/integration/ms-teams/configuration/tenant-based-handles @desc Create tenant-based handle @required {data: map{attributes!: map, type!: str} # Tenant-based handle data from a response.} @returns(201) {data: map{attributes: map{channel_id: str, name: str, team_id: str, tenant_id: str}, id: str, type: str}} # CREATED @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 409: Conflict, 412: Failed Precondition, 429: Too many requests} @endpoint DELETE /api/v2/integration/ms-teams/configuration/tenant-based-handles/{handle_id} @desc Delete tenant-based handle @required {handle_id: str # Your tenant-based handle id.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 412: Failed Precondition, 429: Too many requests} @endpoint GET /api/v2/integration/ms-teams/configuration/tenant-based-handles/{handle_id} @desc Get tenant-based handle information @required {handle_id: str # Your tenant-based handle id.} @returns(200) {data: map{attributes: map{channel_id: str, name: str, team_id: str, tenant_id: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 412: Failed Precondition, 429: Too many requests} @endpoint PATCH /api/v2/integration/ms-teams/configuration/tenant-based-handles/{handle_id} @desc Update tenant-based handle @required {handle_id: str # Your tenant-based handle id., data: map{attributes!: map, type!: str} # Tenant-based handle data from a response.} @returns(200) {data: map{attributes: map{channel_id: str, name: str, team_id: str, tenant_id: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 409: Conflict, 412: Failed Precondition, 429: Too many requests} @endpoint GET /api/v2/integration/ms-teams/configuration/workflows-webhook-handles @desc Get all Workflows webhook handles @optional {name: str # Your Workflows webhook handle name.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 412: Failed Precondition, 429: Too many requests} @endpoint POST /api/v2/integration/ms-teams/configuration/workflows-webhook-handles @desc Create Workflows webhook handle @required {data: map{attributes!: map, type!: str} # Workflows Webhook handle data from a response.} @returns(201) {data: map{attributes: map{name: str}, id: str, type: str}} # CREATED @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 409: Conflict, 412: Failed Precondition, 429: Too many requests} @endpoint DELETE /api/v2/integration/ms-teams/configuration/workflows-webhook-handles/{handle_id} @desc Delete Workflows webhook handle @required {handle_id: str # Your Workflows webhook handle id.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 412: Failed Precondition, 429: Too many requests} @endpoint GET /api/v2/integration/ms-teams/configuration/workflows-webhook-handles/{handle_id} @desc Get Workflows webhook handle information @required {handle_id: str # Your Workflows webhook handle id.} @returns(200) {data: map{attributes: map{name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 412: Failed Precondition, 429: Too many requests} @endpoint PATCH /api/v2/integration/ms-teams/configuration/workflows-webhook-handles/{handle_id} @desc Update Workflows webhook handle @required {handle_id: str # Your Workflows webhook handle id., data: map{attributes!: map, type!: str} # Workflows Webhook handle data from a response.} @returns(200) {data: map{attributes: map{name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 409: Conflict, 412: Failed Precondition, 429: Too many requests} @endpoint GET /api/v2/integration/oci/products @desc List tenancy products @required {productKeys: str # Comma-separated list of product keys to filter by.} @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint GET /api/v2/integration/oci/tenancies @desc Get tenancy configs @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/integration/oci/tenancies @desc Create tenancy config @required {data: map{attributes: map, id!: str, type!: str} # The data object for creating a new OCI tenancy integration configuration, including the tenancy ID, type, and configuration attributes.} @returns(201) {data: map{attributes: map{billing_plan_id: int(int32), config_version: int(int64), cost_collection_enabled: bool, dd_compartment_id: str, dd_stack_id: str, home_region: str, logs_config: map{compartment_tag_filters: [str], enabled: bool, enabled_services: [str]}, metrics_config: map{compartment_tag_filters: [str], enabled: bool, excluded_services: [str]}, parent_tenancy_name: str, regions_config: map{available: [str], disabled: [str], enabled: [str]}, resource_collection_enabled: bool, tenancy_name: str, user_ocid: str}, id: str, type: str}} # Created @errors {429: Too many requests} @endpoint DELETE /api/v2/integration/oci/tenancies/{tenancy_ocid} @desc Delete tenancy config @required {tenancy_ocid: str # The OCID of the tenancy config to delete.} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/integration/oci/tenancies/{tenancy_ocid} @desc Get tenancy config @required {tenancy_ocid: str # The OCID of the tenancy config to retrieve.} @returns(200) {data: map{attributes: map{billing_plan_id: int(int32), config_version: int(int64), cost_collection_enabled: bool, dd_compartment_id: str, dd_stack_id: str, home_region: str, logs_config: map{compartment_tag_filters: [str], enabled: bool, enabled_services: [str]}, metrics_config: map{compartment_tag_filters: [str], enabled: bool, excluded_services: [str]}, parent_tenancy_name: str, regions_config: map{available: [str], disabled: [str], enabled: [str]}, resource_collection_enabled: bool, tenancy_name: str, user_ocid: str}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/integration/oci/tenancies/{tenancy_ocid} @desc Update tenancy config @required {tenancy_ocid: str # The OCID of the tenancy config to update., data: map{attributes: map, id!: str, type!: str} # The data object for updating an existing OCI tenancy integration configuration, including the tenancy ID, type, and updated attributes.} @returns(200) {data: map{attributes: map{billing_plan_id: int(int32), config_version: int(int64), cost_collection_enabled: bool, dd_compartment_id: str, dd_stack_id: str, home_region: str, logs_config: map{compartment_tag_filters: [str], enabled: bool, enabled_services: [str]}, metrics_config: map{compartment_tag_filters: [str], enabled: bool, excluded_services: [str]}, parent_tenancy_name: str, regions_config: map{available: [str], disabled: [str], enabled: [str]}, resource_collection_enabled: bool, tenancy_name: str, user_ocid: str}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint GET /api/v2/integration/opsgenie/services @desc Get all service objects @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/integration/opsgenie/services @desc Create a new service object @required {data: map{attributes!: map, type!: str} # Opsgenie service data for a create request.} @returns(201) {data: map{attributes: map{custom_url: str?, name: str, region: str}, id: str, type: str}} # CREATED @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/integration/opsgenie/services/{integration_service_id} @desc Delete a single service object @required {integration_service_id: str # The UUID of the service.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/opsgenie/services/{integration_service_id} @desc Get a single service object @required {integration_service_id: str # The UUID of the service.} @returns(200) {data: map{attributes: map{custom_url: str?, name: str, region: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint PATCH /api/v2/integration/opsgenie/services/{integration_service_id} @desc Update a single service object @required {integration_service_id: str # The UUID of the service., data: map{attributes!: map, id!: str, type!: str} # Opsgenie service for an update request.} @returns(200) {data: map{attributes: map{custom_url: str?, name: str, region: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/integration/servicenow/assignment_groups/{instance_id} @desc List ServiceNow assignment groups @required {instance_id: str(uuid) # The ID of the ServiceNow instance} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/servicenow/business_services/{instance_id} @desc List ServiceNow business services @required {instance_id: str(uuid) # The ID of the ServiceNow instance} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/servicenow/handles @desc List ServiceNow templates @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/integration/servicenow/handles @desc Create ServiceNow template @required {data: map{attributes!: map, type!: str} # Data object for creating a ServiceNow template} @returns(201) {data: map{attributes: map{assignment_group_id: str(uuid), business_service_id: str(uuid), fields_mapping: map, handle_name: str, instance_id: str(uuid), servicenow_tablename: str, user_id: str(uuid)}, id: str(uuid), type: str}} # Created @errors {400: Bad Request, 429: Too many requests} @endpoint DELETE /api/v2/integration/servicenow/handles/{template_id} @desc Delete ServiceNow template @required {template_id: str(uuid) # The ID of the ServiceNow template to delete} @returns(200) OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/servicenow/handles/{template_id} @desc Get ServiceNow template @required {template_id: str(uuid) # The ID of the ServiceNow template to retrieve} @returns(200) {data: map{attributes: map{assignment_group_id: str(uuid), business_service_id: str(uuid), fields_mapping: map, handle_name: str, instance_id: str(uuid), servicenow_tablename: str, user_id: str(uuid)}, id: str(uuid), type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/integration/servicenow/handles/{template_id} @desc Update ServiceNow template @required {template_id: str(uuid) # The ID of the ServiceNow template to update, data: map{attributes!: map, type!: str} # Data object for updating a ServiceNow template} @returns(200) {data: map{attributes: map{assignment_group_id: str(uuid), business_service_id: str(uuid), fields_mapping: map, handle_name: str, instance_id: str(uuid), servicenow_tablename: str, user_id: str(uuid)}, id: str(uuid), type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/servicenow/instances @desc List ServiceNow instances @returns(200) {data: [map]} # OK @errors {404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integration/servicenow/users/{instance_id} @desc List ServiceNow users @required {instance_id: str(uuid) # The ID of the ServiceNow instance} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations @desc List Integrations @returns(200) {data: [map]} # Successful Response. @errors {429: Too many requests} @endpoint GET /api/v2/integrations/cloudflare/accounts @desc List Cloudflare accounts @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/integrations/cloudflare/accounts @desc Add Cloudflare account @required {data: map{attributes!: map, type!: str} # Data object for creating a Cloudflare account.} @returns(201) {data: map{attributes: map{email: str, name: str, resources: [str], zones: [str]}, id: str, type: str}} # CREATED @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/integrations/cloudflare/accounts/{account_id} @desc Delete Cloudflare account @required {account_id: str # None} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/cloudflare/accounts/{account_id} @desc Get Cloudflare account @required {account_id: str # None} @returns(200) {data: map{attributes: map{email: str, name: str, resources: [str], zones: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/integrations/cloudflare/accounts/{account_id} @desc Update Cloudflare account @required {account_id: str # None, data: map{attributes: map, type: str} # Data object for updating a Cloudflare account.} @returns(200) {data: map{attributes: map{email: str, name: str, resources: [str], zones: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/confluent-cloud/accounts @desc List Confluent accounts @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/integrations/confluent-cloud/accounts @desc Add Confluent account @required {data: map{attributes!: map, type!: str} # The data body for adding a Confluent account.} @returns(201) {data: map{attributes: map{api_key: str, resources: [map], tags: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/integrations/confluent-cloud/accounts/{account_id} @desc Delete Confluent account @required {account_id: str # Confluent Account ID.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/confluent-cloud/accounts/{account_id} @desc Get Confluent account @required {account_id: str # Confluent Account ID.} @returns(200) {data: map{attributes: map{api_key: str, resources: [map], tags: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/integrations/confluent-cloud/accounts/{account_id} @desc Update Confluent account @required {account_id: str # Confluent Account ID., data: map{attributes!: map, type!: str} # Data object for updating a Confluent account.} @returns(200) {data: map{attributes: map{api_key: str, resources: [map], tags: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources @desc List Confluent Account resources @required {account_id: str # Confluent Account ID.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources @desc Add resource to Confluent account @required {account_id: str # Confluent Account ID., data: map{attributes!: map, id!: str, type!: str} # JSON:API request for updating a Confluent resource.} @returns(201) {data: map{attributes: map{enable_custom_metrics: bool, id: str, resource_type: str, tags: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources/{resource_id} @desc Delete resource from Confluent account @required {account_id: str # Confluent Account ID., resource_id: str # Confluent Account Resource ID.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources/{resource_id} @desc Get resource from Confluent account @required {account_id: str # Confluent Account ID., resource_id: str # Confluent Account Resource ID.} @returns(200) {data: map{attributes: map{enable_custom_metrics: bool, id: str, resource_type: str, tags: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources/{resource_id} @desc Update resource in Confluent account @required {account_id: str # Confluent Account ID., resource_id: str # Confluent Account Resource ID., data: map{attributes!: map, id!: str, type!: str} # JSON:API request for updating a Confluent resource.} @returns(200) {data: map{attributes: map{enable_custom_metrics: bool, id: str, resource_type: str, tags: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/fastly/accounts @desc List Fastly accounts @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/integrations/fastly/accounts @desc Add Fastly account @required {data: map{attributes!: map, type!: str} # Data object for creating a Fastly account.} @returns(201) {data: map{attributes: map{name: str, services: [map]}, id: str, type: str}} # CREATED @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/integrations/fastly/accounts/{account_id} @desc Delete Fastly account @required {account_id: str # Fastly Account id.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/fastly/accounts/{account_id} @desc Get Fastly account @required {account_id: str # Fastly Account id.} @returns(200) {data: map{attributes: map{name: str, services: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/integrations/fastly/accounts/{account_id} @desc Update Fastly account @required {account_id: str # Fastly Account id., data: map{attributes: map, type: str} # Data object for updating a Fastly account.} @returns(200) {data: map{attributes: map{name: str, services: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/fastly/accounts/{account_id}/services @desc List Fastly services @required {account_id: str # Fastly Account id.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/integrations/fastly/accounts/{account_id}/services @desc Add Fastly service @required {account_id: str # Fastly Account id., data: map{attributes: map, id!: str, type!: str} # Data object for Fastly service requests.} @returns(201) {data: map{attributes: map{tags: [str]}, id: str, type: str}} # CREATED @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/integrations/fastly/accounts/{account_id}/services/{service_id} @desc Delete Fastly service @required {account_id: str # Fastly Account id., service_id: str # Fastly Service ID.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/fastly/accounts/{account_id}/services/{service_id} @desc Get Fastly service @required {account_id: str # Fastly Account id., service_id: str # Fastly Service ID.} @returns(200) {data: map{attributes: map{tags: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/integrations/fastly/accounts/{account_id}/services/{service_id} @desc Update Fastly service @required {account_id: str # Fastly Account id., service_id: str # Fastly Service ID., data: map{attributes: map, id!: str, type!: str} # Data object for Fastly service requests.} @returns(200) {data: map{attributes: map{tags: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/okta/accounts @desc List Okta accounts @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/integrations/okta/accounts @desc Add Okta account @required {data: map{attributes!: map, id: str, type!: str} # Schema for an Okta account.} @returns(201) {data: map{attributes: map{api_key: str, auth_method: str, client_id: str, client_secret: str, domain: str, name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/integrations/okta/accounts/{account_id} @desc Delete Okta account @required {account_id: str # None} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/integrations/okta/accounts/{account_id} @desc Get Okta account @required {account_id: str # None} @returns(200) {data: map{attributes: map{api_key: str, auth_method: str, client_id: str, client_secret: str, domain: str, name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/integrations/okta/accounts/{account_id} @desc Update Okta account @required {account_id: str # None, data: map{attributes: map, type: str} # Data object for updating an Okta account.} @returns(200) {data: map{attributes: map{api_key: str, auth_method: str, client_id: str, client_secret: str, domain: str, name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/ip_allowlist @desc Get IP Allowlist @returns(200) {data: map{attributes: map{enabled: bool, entries: [map]}, id: str, type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/ip_allowlist @desc Update IP Allowlist @required {data: map{attributes: map, id: str, type!: str} # IP allowlist data.} @returns(200) {data: map{attributes: map{enabled: bool, entries: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/llm-obs/v1/experiments @desc List LLM Observability experiments @optional {filter[project_id]: str # Filter experiments by project ID. Required if `filter[dataset_id]` is not provided., filter[dataset_id]: str # Filter experiments by dataset ID., filter[id]: str # Filter experiments by experiment ID. Can be specified multiple times., page[cursor]: str # Use the Pagination cursor to retrieve the next page of results., page[limit]: int(int64) # Maximum number of results to return per page.} @returns(200) {data: [map], meta: map{after: str?}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/llm-obs/v1/experiments @desc Create an LLM Observability experiment @required {data: map{attributes!: map, type!: str} # Data object for creating an LLM Observability experiment.} @returns(200) {data: map{attributes: map{config: map?, created_at: str(date-time), dataset_id: str, description: str?, metadata: map?, name: str, project_id: str, updated_at: str(date-time)}, id: str, type: str}} # OK @returns(201) {data: map{attributes: map{config: map?, created_at: str(date-time), dataset_id: str, description: str?, metadata: map?, name: str, project_id: str, updated_at: str(date-time)}, id: str, type: str}} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/llm-obs/v1/experiments/delete @desc Delete LLM Observability experiments @required {data: map{attributes!: map, type!: str} # Data object for deleting LLM Observability experiments.} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint PATCH /api/v2/llm-obs/v1/experiments/{experiment_id} @desc Update an LLM Observability experiment @required {experiment_id: str # The ID of the LLM Observability experiment., data: map{attributes!: map, type!: str} # Data object for updating an LLM Observability experiment.} @returns(200) {data: map{attributes: map{config: map?, created_at: str(date-time), dataset_id: str, description: str?, metadata: map?, name: str, project_id: str, updated_at: str(date-time)}, id: str, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/llm-obs/v1/experiments/{experiment_id}/events @desc Push events for an LLM Observability experiment @required {experiment_id: str # The ID of the LLM Observability experiment., data: map{attributes!: map, type!: str} # Data object for pushing experiment events.} @returns(202) Accepted @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/llm-obs/v1/projects @desc List LLM Observability projects @optional {filter[id]: str # Filter projects by project ID., filter[name]: str # Filter projects by name., page[cursor]: str # Use the Pagination cursor to retrieve the next page of results., page[limit]: int(int64) # Maximum number of results to return per page.} @returns(200) {data: [map], meta: map{after: str?}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/llm-obs/v1/projects @desc Create an LLM Observability project @required {data: map{attributes!: map, type!: str} # Data object for creating an LLM Observability project.} @returns(200) {data: map{attributes: map{created_at: str(date-time), description: str?, name: str, updated_at: str(date-time)}, id: str, type: str}} # OK @returns(201) {data: map{attributes: map{created_at: str(date-time), description: str?, name: str, updated_at: str(date-time)}, id: str, type: str}} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/llm-obs/v1/projects/delete @desc Delete LLM Observability projects @required {data: map{attributes!: map, type!: str} # Data object for deleting LLM Observability projects.} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint PATCH /api/v2/llm-obs/v1/projects/{project_id} @desc Update an LLM Observability project @required {project_id: str # The ID of the LLM Observability project., data: map{attributes!: map, type!: str} # Data object for updating an LLM Observability project.} @returns(200) {data: map{attributes: map{created_at: str(date-time), description: str?, name: str, updated_at: str(date-time)}, id: str, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/llm-obs/v1/{project_id}/datasets @desc List LLM Observability datasets @required {project_id: str # The ID of the LLM Observability project.} @optional {filter[name]: str # Filter datasets by name., filter[id]: str # Filter datasets by dataset ID., page[cursor]: str # Use the Pagination cursor to retrieve the next page of results., page[limit]: int(int64) # Maximum number of results to return per page.} @returns(200) {data: [map], meta: map{after: str?}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/llm-obs/v1/{project_id}/datasets @desc Create an LLM Observability dataset @required {project_id: str # The ID of the LLM Observability project., data: map{attributes!: map, type!: str} # Data object for creating an LLM Observability dataset.} @returns(200) {data: map{attributes: map{created_at: str(date-time), current_version: int(int64), description: str?, metadata: map?, name: str, updated_at: str(date-time)}, id: str, type: str}} # OK @returns(201) {data: map{attributes: map{created_at: str(date-time), current_version: int(int64), description: str?, metadata: map?, name: str, updated_at: str(date-time)}, id: str, type: str}} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/llm-obs/v1/{project_id}/datasets/delete @desc Delete LLM Observability datasets @required {project_id: str # The ID of the LLM Observability project., data: map{attributes!: map, type!: str} # Data object for deleting LLM Observability datasets.} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/llm-obs/v1/{project_id}/datasets/{dataset_id} @desc Update an LLM Observability dataset @required {project_id: str # The ID of the LLM Observability project., dataset_id: str # The ID of the LLM Observability dataset., data: map{attributes!: map, type!: str} # Data object for updating an LLM Observability dataset.} @returns(200) {data: map{attributes: map{created_at: str(date-time), current_version: int(int64), description: str?, metadata: map?, name: str, updated_at: str(date-time)}, id: str, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/llm-obs/v1/{project_id}/datasets/{dataset_id}/records @desc List LLM Observability dataset records @required {project_id: str # The ID of the LLM Observability project., dataset_id: str # The ID of the LLM Observability dataset.} @optional {filter[version]: int(int64) # Retrieve records from a specific dataset version. Defaults to the current version., page[cursor]: str # Use the Pagination cursor to retrieve the next page of results., page[limit]: int(int64) # Maximum number of results to return per page.} @returns(200) {data: [map], meta: map{after: str?}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/llm-obs/v1/{project_id}/datasets/{dataset_id}/records @desc Update LLM Observability dataset records @required {project_id: str # The ID of the LLM Observability project., dataset_id: str # The ID of the LLM Observability dataset., data: map{attributes!: map, type!: str} # Data object for updating records in an LLM Observability dataset.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/llm-obs/v1/{project_id}/datasets/{dataset_id}/records @desc Append records to an LLM Observability dataset @required {project_id: str # The ID of the LLM Observability project., dataset_id: str # The ID of the LLM Observability dataset., data: map{attributes!: map, type!: str} # Data object for appending records to an LLM Observability dataset.} @returns(200) {data: [map]} # OK @returns(201) {data: [map]} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/llm-obs/v1/{project_id}/datasets/{dataset_id}/records/delete @desc Delete LLM Observability dataset records @required {project_id: str # The ID of the LLM Observability project., dataset_id: str # The ID of the LLM Observability dataset., data: map{attributes!: map, type!: str} # Data object for deleting records from an LLM Observability dataset.} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/logs @desc Send logs @optional {Content-Encoding: str # HTTP header used to compress the media-type., ddtags: str # Log tags can be passed as query parameters with `text/plain` content type.} @returns(202) Request accepted for processing (always 202 empty JSON). @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 408: Request Timeout, 413: Payload Too Large, 429: Too Many Requests, 500: Internal Server Error, 503: Service Unavailable} @example_request [{"ddsource":"nginx","ddtags":"env:staging,version:5.1","hostname":"i-012345678","message":"2019-11-19T14:37:58,995 INFO [process.name][20081] Hello","service":"payment"},{"ddsource":"nginx","ddtags":"env:staging,version:5.1","hostname":"i-012345679","message":"2019-11-19T14:37:58,995 INFO [process.name][20081] World","service":"payment"}] @endpoint POST /api/v2/logs/analytics/aggregate @desc Aggregate events @optional {compute: [map{aggregation!: str, interval: str, metric: str, type: str}] # The list of metrics or timeseries to compute for the retrieved buckets., filter: map{from: str, indexes: [str], query: str, storage_tier: str, to: str} # The search and filter query settings, group_by: [map{facet!: str, histogram: map, limit: int(int64), missing: any, sort: map, total: any}] # The rules for the group by, options: map{timeOffset: int(int64), timezone: str} # Global query options that are used during the query. Note: These fields are currently deprecated and do not affect the query results., page: map{cursor: str} # Paging settings} @returns(200) {data: map{buckets: [map]}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/logs/config/archive-order @desc Get archive order @returns(200) {data: map{attributes: map{archive_ids: [str]}, type: str}} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint PUT /api/v2/logs/config/archive-order @desc Update archive order @optional {data: map{attributes!: map, type!: str} # The definition of an archive order.} @returns(200) {data: map{attributes: map{archive_ids: [str]}, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 422: Unprocessable Entity, 429: Too many requests} @endpoint GET /api/v2/logs/config/archives @desc Get all archives @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/logs/config/archives @desc Create an archive @optional {data: map{attributes: map, type!: str} # The definition of an archive.} @returns(200) {data: map{attributes: map{destination: map?, include_tags: bool, name: str, query: str, rehydration_max_scan_size_in_gb: int(int64)?, rehydration_tags: [str], state: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/logs/config/archives/{archive_id} @desc Delete an archive @required {archive_id: str # The ID of the archive.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/logs/config/archives/{archive_id} @desc Get an archive @required {archive_id: str # The ID of the archive.} @returns(200) {data: map{attributes: map{destination: map?, include_tags: bool, name: str, query: str, rehydration_max_scan_size_in_gb: int(int64)?, rehydration_tags: [str], state: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not found, 429: Too many requests} @endpoint PUT /api/v2/logs/config/archives/{archive_id} @desc Update an archive @required {archive_id: str # The ID of the archive.} @optional {data: map{attributes: map, type!: str} # The definition of an archive.} @returns(200) {data: map{attributes: map{destination: map?, include_tags: bool, name: str, query: str, rehydration_max_scan_size_in_gb: int(int64)?, rehydration_tags: [str], state: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not found, 429: Too many requests} @endpoint DELETE /api/v2/logs/config/archives/{archive_id}/readers @desc Revoke role from an archive @required {archive_id: str # The ID of the archive.} @optional {data: map{id: str, type: str} # Relationship to role object.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/logs/config/archives/{archive_id}/readers @desc List read roles for an archive @required {archive_id: str # The ID of the archive.} @returns(200) {data: [map], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not found, 429: Too many requests} @endpoint POST /api/v2/logs/config/archives/{archive_id}/readers @desc Grant role to an archive @required {archive_id: str # The ID of the archive.} @optional {data: map{id: str, type: str} # Relationship to role object.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/logs/config/custom-destinations @desc Get all custom destinations @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/logs/config/custom-destinations @desc Create a custom destination @optional {data: map{attributes!: map, type!: str} # The definition of a custom destination.} @returns(200) {data: map{attributes: map{enabled: bool, forward_tags: bool, forward_tags_restriction_list: [str], forward_tags_restriction_list_type: str, forwarder_destination: any, name: str, query: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/logs/config/custom-destinations/{custom_destination_id} @desc Delete a custom destination @required {custom_destination_id: str # The ID of the custom destination.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/logs/config/custom-destinations/{custom_destination_id} @desc Get a custom destination @required {custom_destination_id: str # The ID of the custom destination.} @returns(200) {data: map{attributes: map{enabled: bool, forward_tags: bool, forward_tags_restriction_list: [str], forward_tags_restriction_list_type: str, forwarder_destination: any, name: str, query: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/logs/config/custom-destinations/{custom_destination_id} @desc Update a custom destination @required {custom_destination_id: str # The ID of the custom destination.} @optional {data: map{attributes: map, id!: str, type!: str} # The definition of a custom destination.} @returns(200) {data: map{attributes: map{enabled: bool, forward_tags: bool, forward_tags_restriction_list: [str], forward_tags_restriction_list_type: str, forwarder_destination: any, name: str, query: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/logs/config/metrics @desc Get all log-based metrics @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/logs/config/metrics @desc Create a log-based metric @required {data: map{attributes!: map, id!: str, type!: str} # The new log-based metric properties.} @returns(200) {data: map{attributes: map{compute: map{aggregation_type: str, include_percentiles: bool, path: str}, filter: map{query: str}, group_by: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/logs/config/metrics/{metric_id} @desc Delete a log-based metric @required {metric_id: str # The name of the log-based metric.} @returns(204) OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/logs/config/metrics/{metric_id} @desc Get a log-based metric @required {metric_id: str # The name of the log-based metric.} @returns(200) {data: map{attributes: map{compute: map{aggregation_type: str, include_percentiles: bool, path: str}, filter: map{query: str}, group_by: [map]}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/logs/config/metrics/{metric_id} @desc Update a log-based metric @required {metric_id: str # The name of the log-based metric., data: map{attributes!: map, type!: str} # The new log-based metric properties.} @returns(200) {data: map{attributes: map{compute: map{aggregation_type: str, include_percentiles: bool, path: str}, filter: map{query: str}, group_by: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/logs/config/restriction_queries @desc List restriction queries @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return.} @returns(200) {data: [map]} # OK @errors {403: Authentication error, 429: Too many requests} @endpoint POST /api/v2/logs/config/restriction_queries @desc Create a restriction query @optional {data: map{attributes: map, type: str} # Data related to the creation of a restriction query.} @returns(200) {data: map{attributes: map{created_at: str(date-time), last_modifier_email: str, last_modifier_name: str, modified_at: str(date-time), restriction_query: str, role_count: int(int64), user_count: int(int64)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Authentication error, 429: Too many requests} @endpoint GET /api/v2/logs/config/restriction_queries/role/{role_id} @desc Get restriction query for a given role @required {role_id: str # The ID of the role.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/logs/config/restriction_queries/user/{user_id} @desc Get all restriction queries for a given user @required {user_id: str # The ID of the user.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint DELETE /api/v2/logs/config/restriction_queries/{restriction_query_id} @desc Delete a restriction query @required {restriction_query_id: str # The ID of the restriction query.} @returns(204) OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/logs/config/restriction_queries/{restriction_query_id} @desc Get a restriction query @required {restriction_query_id: str # The ID of the restriction query.} @returns(200) {data: map{attributes: map{created_at: str(date-time), last_modifier_email: str, last_modifier_name: str, modified_at: str(date-time), restriction_query: str, role_count: int(int64), user_count: int(int64)}, id: str, relationships: map{roles: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint PATCH /api/v2/logs/config/restriction_queries/{restriction_query_id} @desc Update a restriction query @required {restriction_query_id: str # The ID of the restriction query.} @optional {data: map{attributes: map, type: str} # Data related to the update of a restriction query.} @returns(200) {data: map{attributes: map{created_at: str(date-time), last_modifier_email: str, last_modifier_name: str, modified_at: str(date-time), restriction_query: str, role_count: int(int64), user_count: int(int64)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint PUT /api/v2/logs/config/restriction_queries/{restriction_query_id} @desc Replace a restriction query @required {restriction_query_id: str # The ID of the restriction query.} @optional {data: map{attributes: map, type: str} # Data related to the update of a restriction query.} @returns(200) {data: map{attributes: map{created_at: str(date-time), last_modifier_email: str, last_modifier_name: str, modified_at: str(date-time), restriction_query: str, role_count: int(int64), user_count: int(int64)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint DELETE /api/v2/logs/config/restriction_queries/{restriction_query_id}/roles @desc Revoke role from a restriction query @required {restriction_query_id: str # The ID of the restriction query.} @optional {data: map{id: str, type: str} # Relationship to role object.} @returns(204) OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/logs/config/restriction_queries/{restriction_query_id}/roles @desc List roles for a restriction query @required {restriction_query_id: str # The ID of the restriction query.} @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint POST /api/v2/logs/config/restriction_queries/{restriction_query_id}/roles @desc Grant role to a restriction query @required {restriction_query_id: str # The ID of the restriction query.} @optional {data: map{id: str, type: str} # Relationship to role object.} @returns(204) OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/logs/events @desc Search logs (GET) @optional {filter[query]: str # Search query following logs syntax., filter[indexes]: [str] # For customers with multiple indexes, the indexes to search. Defaults to '*' which means all indexes, filter[from]: str(date-time) # Minimum timestamp for requested logs., filter[to]: str(date-time) # Maximum timestamp for requested logs., filter[storage_tier]: str # Specifies the storage type to be used, sort: str # Order of logs in results., page[cursor]: str # List following results with a cursor provided in the previous query., page[limit]: int(int32)=10 # Maximum number of logs in the response.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/logs/events/search @desc Search logs (POST) @optional {filter: map{from: str, indexes: [str], query: str, storage_tier: str, to: str} # The search and filter query settings, options: map{timeOffset: int(int64), timezone: str} # Global query options that are used during the query. Note: These fields are currently deprecated and do not affect the query results., page: map{cursor: str, limit: int(int32)} # Paging attributes for listing logs., sort: str(timestamp/-timestamp) # Sort parameters when querying logs.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/metrics @desc Get a list of metrics @optional {filter[configured]: bool # Only return custom metrics that have been configured with Metrics Without Limits., filter[tags_configured]: str # Only return metrics that have the given tag key(s) in their Metrics Without Limits configuration (included or excluded)., filter[metric_type]: str # Only return metrics of the given metric type., filter[include_percentiles]: bool # Only return distribution metrics that have percentile aggregations enabled (true) or disabled (false)., filter[queried]: bool # Only return metrics that have been queried (true) or not queried (false) in the look back window. Set the window with `filter[queried][window][seconds]`; if omitted, a default window is used., filter[queried][window][seconds]: int(int64)=2592000 # Only return metrics that have been queried or not queried in the specified window. Dependent on being sent with `filter[queried]`. The default value is 2,592,000 seconds (30 days), the maximum value is 15,552,000 seconds (180 days), and the minimum value is 1 second., filter[tags]: str # Only return metrics that were submitted with tags matching this expression. You can use AND, OR, IN, and wildcards (for example, service:web*)., filter[related_assets]: bool # Only return metrics that are used in at least one dashboard, monitor, notebook, or SLO., window[seconds]: int(int64)=3600 # Only return metrics that have been actively reporting in the specified window. The default value is 3600 seconds (1 hour), the maximum value is 2,592,000 seconds (30 days), and the minimum value is 1 second., page[size]: int(int32)=10000 # Maximum number of results per page. Use with `page[cursor]` for pagination. The default value is 10000, the maximum value is 10000, and the minimum value is 1., page[cursor]: str # Cursor for pagination. Use `page[size]` to opt-in to pagination and get the first page; for subsequent pages, use the value from `meta.pagination.next_cursor` in the response. Pagination is complete when `next_cursor` is null.} @returns(200) {data: [any], links: map{first: str, last: str?, next: str?, prev: str?, self: str}, meta: map{pagination: map{cursor: str?, limit: int(int32), next_cursor: str?, type: str}}} # Success @errors {400: Bad Request, 403: Forbidden, 429: Too Many Requests} @endpoint DELETE /api/v2/metrics/config/bulk-tags @desc Delete tags for multiple metrics @required {data: map{attributes: map, id!: str, type!: str} # Request object to bulk delete all tag configurations for metrics matching the given prefix.} @returns(202) {data: map{attributes: map{emails: [str], exclude_tags_mode: bool, status: str, tags: [str]}, id: str, type: str}} # Accepted @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too Many Requests} @endpoint POST /api/v2/metrics/config/bulk-tags @desc Configure tags for multiple metrics @required {data: map{attributes: map, id!: str, type!: str} # Request object to bulk configure tags for metrics matching the given prefix.} @returns(202) {data: map{attributes: map{emails: [str], exclude_tags_mode: bool, status: str, tags: [str]}, id: str, type: str}} # Accepted @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too Many Requests} @endpoint GET /api/v2/metrics/{metric_name}/active-configurations @desc List active tags and aggregations @required {metric_name: str # The name of the metric.} @optional {window[seconds]: int(int64) # The number of seconds of look back (from now). Default value is 604,800 (1 week), minimum value is 7200 (2 hours), maximum value is 2,630,000 (1 month).} @returns(200) {data: map{attributes: map{active_aggregations: [map], active_tags: [str]}, id: str, type: str}} # Success @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too Many Requests} @endpoint GET /api/v2/metrics/{metric_name}/all-tags @desc List tags by metric name @required {metric_name: str # The name of the metric.} @optional {window[seconds]: int(int64) # The number of seconds of look back (from now) to query for tag data. Default value is 14400 (4 hours), minimum value is 14400 (4 hours)., filter[tags]: str # Filter results to tags from data points that have the specified tags. For example, `filter[tags]=env:staging,host:123` returns tags only from data points with both `env:staging` and `host:123`., filter[match]: str # Filter returned tags to those matching a substring. For example, `filter[match]=env` returns tags like `env:prod`, `environment:staging`, etc., filter[include_tag_values]: bool # Whether to include tag values in the response. Defaults to true., filter[allow_partial]: bool # Whether to allow partial results. Defaults to false., page[limit]: int(int32)=1000000 # Maximum number of results to return.} @returns(200) {data: map{attributes: map{ingested_tags: [str], tags: [str]}, id: str, type: str}} # Success @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too Many Requests} @endpoint GET /api/v2/metrics/{metric_name}/assets @desc Related Assets to a Metric @required {metric_name: str # The name of the metric.} @returns(200) {data: map{id: str, relationships: map{dashboards: map{data: [map]}, monitors: map{data: [map]}, notebooks: map{data: [map]}, slos: map{data: [map]}}, type: str}, included: [any]} # Success @errors {400: API error response., 403: API error response., 404: API error response., 429: Too Many Requests} @endpoint GET /api/v2/metrics/{metric_name}/estimate @desc Tag Configuration Cardinality Estimator @required {metric_name: str # The name of the metric.} @optional {filter[groups]: str # Filtered tag keys that the metric is configured to query with., filter[hours_ago]: int(int32) # The number of hours of look back (from now) to estimate cardinality with. If unspecified, it defaults to 0 hours., filter[num_aggregations]: int(int32) # Deprecated. Number of aggregations has no impact on volume., filter[pct]: bool # A boolean, for distribution metrics only, to estimate cardinality if the metric includes additional percentile aggregators., filter[timespan_h]: int(int32) # A window, in hours, from the look back to estimate cardinality with. The minimum and default is 1 hour.} @returns(200) {data: map{attributes: map{estimate_type: str, estimated_at: str(date-time), estimated_output_series: int(int64)}, id: str, type: str}} # Success @errors {400: API error response., 403: API error response., 404: API error response., 429: Too Many Requests} @endpoint GET /api/v2/metrics/{metric_name}/tag-cardinalities @desc Get tag key cardinality details @required {metric_name: str # The name of the metric.} @returns(200) {data: [map], meta: map{metric_name: str}} # Success @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too Many Requests} @endpoint DELETE /api/v2/metrics/{metric_name}/tags @desc Delete a tag configuration @required {metric_name: str # The name of the metric.} @returns(204) No Content @errors {403: Forbidden, 404: Not found, 429: Too Many Requests} @endpoint GET /api/v2/metrics/{metric_name}/tags @desc List tag configuration by name @required {metric_name: str # The name of the metric.} @returns(200) {data: map{attributes: map{aggregations: [map], created_at: str(date-time), exclude_tags_mode: bool, include_percentiles: bool, metric_type: str, modified_at: str(date-time), tags: [str]}, id: str, type: str}} # Success @errors {403: Forbidden, 404: Not Found, 429: Too Many Requests} @endpoint PATCH /api/v2/metrics/{metric_name}/tags @desc Update a tag configuration @required {metric_name: str # The name of the metric., data: map{attributes: map, id!: str, type!: str} # Object for a single tag configuration to be edited.} @returns(200) {data: map{attributes: map{aggregations: [map], created_at: str(date-time), exclude_tags_mode: bool, include_percentiles: bool, metric_type: str, modified_at: str(date-time), tags: [str]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 422: Unprocessable Entity, 429: Too Many Requests} @endpoint POST /api/v2/metrics/{metric_name}/tags @desc Create a tag configuration @required {metric_name: str # The name of the metric., data: map{attributes: map, id!: str, type!: str} # Object for a single metric to be configure tags on.} @returns(201) {data: map{attributes: map{aggregations: [map], created_at: str(date-time), exclude_tags_mode: bool, include_percentiles: bool, metric_type: str, modified_at: str(date-time), tags: [str]}, id: str, type: str}} # Created @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too Many Requests} @endpoint GET /api/v2/metrics/{metric_name}/volumes @desc List distinct metric volumes by metric name @required {metric_name: str # The name of the metric.} @returns(200) {data: any} # Success @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too Many Requests} @endpoint GET /api/v2/monitor/notification_rule @desc Get all monitor notification rules @optional {page: int(int32) # The page to start paginating from. If `page` is not specified, the argument defaults to the first page., per_page: int(int32) # The number of rules to return per page. If `per_page` is not specified, the argument defaults to 100., sort: str # String for sort order, composed of field and sort order separated by a colon, for example `name:asc`. Supported sort directions: `asc`, `desc`. Supported fields: `name`, `created_at`., filters: str # JSON-encoded filter object. Supported keys: * `text`: Free-text query matched against rule name, tags, and recipients. * `tags`: Array of strings. Return rules that have any of these tags. * `recipients`: Array of strings. Return rules that have any of these recipients., include: str # Comma-separated list of resource paths for related resources to include in the response. Supported resource path is `created_by`.} @returns(200) {data: [map], included: [any]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/monitor/notification_rule @desc Create a monitor notification rule @required {data: map{attributes!: map, type: str} # Object to create a monitor notification rule.} @returns(200) {data: map{attributes: map{conditional_recipients: map{conditions: [map], fallback_recipients: [str]}, created: str(date-time), filter: any, modified: str(date-time), name: str, recipients: [str]}, id: str, relationships: map{created_by: map{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/monitor/notification_rule/{rule_id} @desc Delete a monitor notification rule @required {rule_id: str # ID of the monitor notification rule to delete.} @returns(204) OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/monitor/notification_rule/{rule_id} @desc Get a monitor notification rule @required {rule_id: str # ID of the monitor notification rule to fetch.} @optional {include: str # Comma-separated list of resource paths for related resources to include in the response. Supported resource path is `created_by`.} @returns(200) {data: map{attributes: map{conditional_recipients: map{conditions: [map], fallback_recipients: [str]}, created: str(date-time), filter: any, modified: str(date-time), name: str, recipients: [str]}, id: str, relationships: map{created_by: map{data: map?}}, type: str}, included: [any]} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/monitor/notification_rule/{rule_id} @desc Update a monitor notification rule @required {rule_id: str # ID of the monitor notification rule to update., data: map{attributes!: map, id!: str, type: str} # Object to update a monitor notification rule.} @returns(200) {data: map{attributes: map{conditional_recipients: map{conditions: [map], fallback_recipients: [str]}, created: str(date-time), filter: any, modified: str(date-time), name: str, recipients: [str]}, id: str, relationships: map{created_by: map{data: map?}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/monitor/policy @desc Get all monitor configuration policies @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/monitor/policy @desc Create a monitor configuration policy @required {data: map{attributes!: map, type!: str} # A monitor configuration policy data.} @returns(200) {data: map{attributes: map{policy: any, policy_type: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/monitor/policy/{policy_id} @desc Delete a monitor configuration policy @required {policy_id: str # ID of the monitor configuration policy.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/monitor/policy/{policy_id} @desc Get a monitor configuration policy @required {policy_id: str # ID of the monitor configuration policy.} @returns(200) {data: map{attributes: map{policy: any, policy_type: str}, id: str, type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/monitor/policy/{policy_id} @desc Edit a monitor configuration policy @required {policy_id: str # ID of the monitor configuration policy., data: map{attributes!: map, id!: str, type!: str} # A monitor configuration policy data.} @returns(200) {data: map{attributes: map{policy: any, policy_type: str}, id: str, type: str}} # OK @errors {403: Forbidden, 404: Not Found, 422: Unprocessable Entity, 429: Too many requests} @endpoint GET /api/v2/monitor/template @desc Get all monitor user templates @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/monitor/template @desc Create a monitor user template @required {data: map{attributes!: map, type!: str} # Monitor user template data.} @returns(200) {data: map{attributes: map{created: str(date-time), description: str?, modified: str(date-time), monitor_definition: map, tags: [str], template_variables: [map], title: str, version: int(int64)?}, id: str, type: str}} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint POST /api/v2/monitor/template/validate @desc Validate a monitor user template @required {data: map{attributes!: map, type!: str} # Monitor user template data.} @returns(204) OK @errors {400: Bad Request, 429: Too many requests} @endpoint DELETE /api/v2/monitor/template/{template_id} @desc Delete a monitor user template @required {template_id: str # ID of the monitor user template.} @returns(204) OK @errors {404: Not Found, 429: Too many requests} @endpoint GET /api/v2/monitor/template/{template_id} @desc Get a monitor user template @required {template_id: str # ID of the monitor user template.} @optional {with_all_versions: bool # Whether to include all versions of the template in the response in the versions field.} @returns(200) {data: map{attributes: map{created: str(date-time), description: str?, modified: str(date-time), monitor_definition: map, tags: [str], template_variables: [map], title: str, version: int(int64)?, versions: [map]}, id: str, type: str}} # OK @errors {404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/monitor/template/{template_id} @desc Update a monitor user template to a new version @required {template_id: str # ID of the monitor user template., data: map{attributes!: map, id!: str, type!: str} # Monitor user template data.} @returns(200) {data: map{attributes: map{created: str(date-time), description: str?, modified: str(date-time), monitor_definition: map, tags: [str], template_variables: [map], title: str, version: int(int64)?, versions: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/monitor/template/{template_id}/validate @desc Validate an existing monitor user template @required {template_id: str # ID of the monitor user template., data: map{attributes!: map, id!: str, type!: str} # Monitor user template data.} @returns(204) OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/monitor/{monitor_id}/downtime_matches @desc Get active downtimes for a monitor @required {monitor_id: int(int64) # The id of the monitor.} @optional {page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page., page[limit]: int(int64)=30 # Maximum number of downtimes in the response.} @returns(200) {data: [map], meta: map{page: map{total_filtered_count: int(int64)}}} # OK @errors {404: Monitor Not Found error, 429: Too many requests} @endpoint GET /api/v2/ndm/devices @desc Get the list of devices @optional {page[size]: int(int64)=50 # Size for a given page. The maximum allowed value is 500. Defaults to 50., page[number]: int(int64)=0 # Specific page number to return. Defaults to 0., sort: str=name # The field to sort the devices by. Defaults to `name`., filter[tag]: str # Filter devices by tag.} @returns(200) {data: [map], meta: map{page: map{total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/ndm/devices/{device_id} @desc Get the device details @required {device_id: str # The id of the device to fetch.} @returns(200) {data: map{attributes: map{description: str, device_type: str, integration: str, ip_address: str, location: str, model: str, name: str, os_hostname: str, os_name: str, os_version: str, ping_status: str, product_name: str, serial_number: str, status: str, subnet: str, sys_object_id: str, tags: [str], vendor: str, version: str}, id: str, type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/ndm/interfaces @desc Get the list of interfaces of the device @required {device_id: str # The ID of the device to get interfaces from.} @optional {get_ip_addresses: bool # Whether to get the IP addresses of the interfaces.} @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/ndm/tags/devices/{device_id} @desc Get the list of tags for a device @required {device_id: str # The id of the device to fetch tags for.} @returns(200) {data: map{attributes: map{tags: [str]}, id: str, type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/ndm/tags/devices/{device_id} @desc Update the tags for a device @required {device_id: str # The id of the device to update tags for.} @optional {data: map{attributes: map, id: str, type: str} # The list tags response data.} @returns(200) {data: map{attributes: map{tags: [str]}, id: str, type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/ndm/tags/interfaces/{interface_id} @desc List tags for an interface @required {interface_id: str # The ID of the interface for which to retrieve tags.} @returns(200) {data: map{attributes: map{tags: [str]}, id: str, type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/ndm/tags/interfaces/{interface_id} @desc Update the tags for an interface @required {interface_id: str # The ID of the interface for which to update tags.} @optional {data: map{attributes: map, id: str, type: str} # Response data for listing interface tags.} @returns(200) {data: map{attributes: map{tags: [str]}, id: str, type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/network/connections/aggregate @desc Get all aggregated connections @optional {from: int(int64) # Unix timestamp (number of seconds since epoch) of the start of the query window. If not provided, the start of the query window is 15 minutes before the `to` timestamp. If neither `from` nor `to` are provided, the query window is `[now - 15m, now]`., to: int(int64) # Unix timestamp (number of seconds since epoch) of the end of the query window. If not provided, the end of the query window is the current time. If neither `from` nor `to` are provided, the query window is `[now - 15m, now]`., group_by: str # Comma-separated list of fields to group connections by. The maximum number of group_by(s) is 10., tags: str # Comma-separated list of tags to filter connections by., limit: int(int32)=100 # The number of connections to be returned. The maximum value is 7500. The default is 100.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint GET /api/v2/network/dns/aggregate @desc Get all aggregated DNS traffic @optional {from: int(int64) # Unix timestamp (number of seconds since epoch) of the start of the query window. If not provided, the start of the query window is 15 minutes before the `to` timestamp. If neither `from` nor `to` are provided, the query window is `[now - 15m, now]`., to: int(int64) # Unix timestamp (number of seconds since epoch) of the end of the query window. If not provided, the end of the query window is the current time. If neither `from` nor `to` are provided, the query window is `[now - 15m, now]`., group_by: str # Comma-separated list of fields to group DNS traffic by. The server side defaults to `network.dns_query` if unspecified. `server_ungrouped` may be used if groups are not desired. The maximum number of group_by(s) is 10., tags: str # Comma-separated list of tags to filter DNS traffic by., limit: int(int32)=100 # The number of aggregated DNS entries to be returned. The maximum value is 7500. The default is 100.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint GET /api/v2/obs-pipelines/pipelines @desc List pipelines @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return.} @returns(200) {data: [map], meta: map{totalCount: int(int64)}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/obs-pipelines/pipelines @desc Create a new pipeline @required {data: map{attributes!: map, type!: str} # Contains the the pipeline configuration.} @returns(201) {data: map{attributes: map{config: map{destinations: [any], pipeline_type: str, processor_groups: [map], processors: [map], sources: [any], use_legacy_search_syntax: bool}, name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint POST /api/v2/obs-pipelines/pipelines/validate @desc Validate an observability pipeline @required {data: map{attributes!: map, type!: str} # Contains the the pipeline configuration.} @returns(200) {errors: [map]} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint DELETE /api/v2/obs-pipelines/pipelines/{pipeline_id} @desc Delete a pipeline @required {pipeline_id: str # The ID of the pipeline to delete.} @returns(204) OK @errors {403: Forbidden, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/obs-pipelines/pipelines/{pipeline_id} @desc Get a specific pipeline @required {pipeline_id: str # The ID of the pipeline to retrieve.} @returns(200) {data: map{attributes: map{config: map{destinations: [any], pipeline_type: str, processor_groups: [map], processors: [map], sources: [any], use_legacy_search_syntax: bool}, name: str}, id: str, type: str}} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint PUT /api/v2/obs-pipelines/pipelines/{pipeline_id} @desc Update a pipeline @required {pipeline_id: str # The ID of the pipeline to update., data: map{attributes!: map, id!: str, type!: str} # Contains the pipeline’s ID, type, and configuration attributes.} @returns(200) {data: map{attributes: map{config: map{destinations: [any], pipeline_type: str, processor_groups: [map], processors: [map], sources: [any], use_legacy_search_syntax: bool}, name: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint POST /api/v2/on-call/escalation-policies @desc Create On-Call escalation policy @required {data: map{attributes!: map, relationships: map, type!: str} # Represents the data for creating an escalation policy, including its attributes, relationships, and resource type.} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `teams`, `steps`, `steps.targets`.} @returns(201) {data: map{attributes: map{name: str, resolve_page_on_policy_end: bool, retries: int(int64)}, id: str, relationships: map{steps: map{data: [map]}, teams: map{data: [map]}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/on-call/escalation-policies/{policy_id} @desc Delete On-Call escalation policy @required {policy_id: str # The ID of the escalation policy} @returns(204) No Content @errors {401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/on-call/escalation-policies/{policy_id} @desc Get On-Call escalation policy @required {policy_id: str # The ID of the escalation policy} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `teams`, `steps`, `steps.targets`.} @returns(200) {data: map{attributes: map{name: str, resolve_page_on_policy_end: bool, retries: int(int64)}, id: str, relationships: map{steps: map{data: [map]}, teams: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/on-call/escalation-policies/{policy_id} @desc Update On-Call escalation policy @required {policy_id: str # The ID of the escalation policy, data: map{attributes!: map, id!: str, relationships: map, type!: str} # Represents the data for updating an existing escalation policy, including its ID, attributes, relationships, and resource type.} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `teams`, `steps`, `steps.targets`.} @returns(200) {data: map{attributes: map{name: str, resolve_page_on_policy_end: bool, retries: int(int64)}, id: str, relationships: map{steps: map{data: [map]}, teams: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/on-call/pages @desc Create On-Call Page @optional {data: map{attributes: map, type!: str} # The main request body, including attributes and resource type.} @returns(200) {data: map{id: str, type: str}} # OK. @errors {429: Too many requests} @endpoint POST /api/v2/on-call/pages/{page_id}/acknowledge @desc Acknowledge On-Call Page @required {page_id: str(uuid) # The page ID.} @returns(202) Accepted. @errors {429: Too many requests} @endpoint POST /api/v2/on-call/pages/{page_id}/escalate @desc Escalate On-Call Page @required {page_id: str(uuid) # The page ID.} @returns(202) Accepted. @errors {429: Too many requests} @endpoint POST /api/v2/on-call/pages/{page_id}/resolve @desc Resolve On-Call Page @required {page_id: str(uuid) # The page ID.} @returns(202) Accepted. @errors {429: Too many requests} @endpoint POST /api/v2/on-call/schedules @desc Create On-Call schedule @required {data: map{attributes!: map, relationships: map, type!: str} # The core data wrapper for creating a schedule, encompassing attributes, relationships, and the resource type.} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `teams`, `layers`, `layers.members`, `layers.members.user`.} @returns(201) {data: map{attributes: map{name: str, time_zone: str}, id: str, relationships: map{layers: map{data: [map]}, teams: map{data: [map]}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/on-call/schedules/{schedule_id} @desc Delete On-Call schedule @required {schedule_id: str # The ID of the schedule} @returns(204) No Content @errors {401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/on-call/schedules/{schedule_id} @desc Get On-Call schedule @required {schedule_id: str # The ID of the schedule} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `teams`, `layers`, `layers.members`, `layers.members.user`.} @returns(200) {data: map{attributes: map{name: str, time_zone: str}, id: str, relationships: map{layers: map{data: [map]}, teams: map{data: [map]}}, type: str}, included: [any]} # OK @errors {401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/on-call/schedules/{schedule_id} @desc Update On-Call schedule @required {schedule_id: str # The ID of the schedule, data: map{attributes!: map, id!: str, relationships: map, type!: str} # Contains all data needed to update an existing schedule, including its attributes (such as name and time zone) and any relationships to teams.} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `teams`, `layers`, `layers.members`, `layers.members.user`.} @returns(200) {data: map{attributes: map{name: str, time_zone: str}, id: str, relationships: map{layers: map{data: [map]}, teams: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/on-call/schedules/{schedule_id}/on-call @desc Get scheduled on-call user @required {schedule_id: str # The ID of the schedule.} @optional {include: str # Specifies related resources to include in the response as a comma-separated list. Allowed value: `user`., filter[at_ts]: str # Retrieves the on-call user at the given timestamp in RFC3339 format (for example, `2025-05-07T02:53:01Z` or `2025-05-07T02:53:01+00:00`). When using timezone offsets with `+` or `-`, ensure proper URL encoding (`+` should be encoded as `%2B`). Defaults to the current time if omitted.} @returns(200) {data: map{attributes: map{end: str(date-time), start: str(date-time)}, id: str, relationships: map{user: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/on-call/teams/{team_id}/on-call @desc Get team on-call users @required {team_id: str # The team ID} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `responders`, `escalations`, `escalations.responders`.} @returns(200) {data: map{id: str, relationships: map{escalations: map{data: [map]}, responders: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/on-call/teams/{team_id}/routing-rules @desc Get On-Call team routing rules @required {team_id: str # The team ID} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `rules`, `rules.policy`.} @returns(200) {data: map{id: str, relationships: map{rules: map{data: [map]}}, type: str}, included: [any]} # OK @errors {429: Too many requests} @endpoint PUT /api/v2/on-call/teams/{team_id}/routing-rules @desc Set On-Call team routing rules @required {team_id: str # The team ID} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `rules`, `rules.policy`., data: map{attributes: map, id: str, type!: str} # Holds the data necessary to create or update team routing rules, including attributes, ID, and resource type.} @returns(200) {data: map{id: str, relationships: map{rules: map{data: [map]}}, type: str}, included: [any]} # OK @errors {429: Too many requests} @endpoint GET /api/v2/on-call/users/{user_id}/notification-channels @desc List On-Call notification channels for a user @required {user_id: str # The user ID} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/on-call/users/{user_id}/notification-channels @desc Create an On-Call notification channel for a user @required {user_id: str # The user ID, data: map{attributes: map, type!: str} # Data for creating an on-call notification channel} @returns(201) {data: map{attributes: map{active: bool, config: any}, id: str, type: str}} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/on-call/users/{user_id}/notification-channels/{channel_id} @desc Delete an On-Call notification channel for a user @required {user_id: str # The user ID, channel_id: str # The channel ID} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/on-call/users/{user_id}/notification-channels/{channel_id} @desc Get an On-Call notification channel for a user @required {user_id: str # The user ID, channel_id: str # The channel ID} @returns(200) {data: map{attributes: map{active: bool, config: any}, id: str, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/on-call/users/{user_id}/notification-rules @desc List On-Call notification rules for a user @required {user_id: str # The user ID} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `channel`.} @returns(200) {data: [map], included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/on-call/users/{user_id}/notification-rules @desc Create an On-Call notification rule for a user @required {user_id: str # The user ID, data: map{attributes: map, relationships: map, type!: str} # Data for creating an on-call notification rule} @returns(201) {data: map{attributes: map{category: str, channel_settings: any, delay_minutes: int(int64)}, id: str, relationships: map{channel: map{data: map}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/on-call/users/{user_id}/notification-rules/{rule_id} @desc Delete an On-Call notification rule for a user @required {user_id: str # The user ID, rule_id: str # The rule ID} @returns(204) No Content @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/on-call/users/{user_id}/notification-rules/{rule_id} @desc Get an On-Call notification rule for a user @required {user_id: str # The user ID, rule_id: str # The rule ID} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `channel`.} @returns(200) {data: map{attributes: map{category: str, channel_settings: any, delay_minutes: int(int64)}, id: str, relationships: map{channel: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/on-call/users/{user_id}/notification-rules/{rule_id} @desc Update an On-Call notification rule for a user @required {user_id: str # The user ID, rule_id: str # The rule ID, data: map{attributes: map, id: str, relationships: map, type!: str} # Data for updating an on-call notification rule} @optional {include: str # Comma-separated list of included relationships to be returned. Allowed values: `channel`.} @returns(200) {data: map{attributes: map{category: str, channel_settings: any, delay_minutes: int(int64)}, id: str, relationships: map{channel: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/org_configs @desc List Org Configs @returns(200) {data: [map]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/org_configs/{org_config_name} @desc Get a specific Org Config value @required {org_config_name: str # The name of an Org Config.} @returns(200) {data: map{attributes: map{description: str, modified_at: str(date-time)?, name: str, value: any, value_type: str}, id: str, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/org_configs/{org_config_name} @desc Update a specific Org Config @required {org_config_name: str # The name of an Org Config., data: map{attributes!: map, type!: str} # An Org Config write operation.} @returns(200) {data: map{attributes: map{description: str, modified_at: str(date-time)?, name: str, value: any, value_type: str}, id: str, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/org_connections @desc List Org Connections @optional {sink_org_id: str # The Org ID of the sink org., source_org_id: str # The Org ID of the source org., limit: int(int64) # The limit of number of entries you want to return. Default is 1000., offset: int(int64) # The pagination offset which you want to query from. Default is 0.} @returns(200) {data: [map], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/org_connections @desc Create Org Connection @required {data: map{attributes!: map, relationships!: map, type!: str} # Org connection creation data.} @returns(200) {data: map{attributes: map{connection_types: [str], created_at: str(date-time)}, id: str(uuid), relationships: map{created_by: map{data: map}, sink_org: map{data: map}, source_org: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/org_connections/{connection_id} @desc Delete Org Connection @required {connection_id: str(uuid) # The unique identifier of the org connection.} @returns(200) OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/org_connections/{connection_id} @desc Update Org Connection @required {connection_id: str(uuid) # The unique identifier of the org connection., data: map{attributes!: map, id!: str(uuid), type!: str} # Org connection update data.} @returns(200) {data: map{attributes: map{connection_types: [str], created_at: str(date-time)}, id: str(uuid), relationships: map{created_by: map{data: map}, sink_org: map{data: map}, source_org: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/permissions @desc List permissions @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Authentication error, 429: Too many requests} @endpoint GET /api/v2/posture_management/findings @desc List findings @optional {page[limit]: int(int64)=100 # Limit the number of findings returned. Must be <= 1000., snapshot_timestamp: int(int64) # Return findings for a given snapshot of time (Unix ms)., page[cursor]: str # Return the next page of findings pointed to by the cursor., filter[tags]: str # Return findings that have these associated tags (repeatable)., filter[evaluation_changed_at]: str # Return findings that have changed from pass to fail or vice versa on a specified date (Unix ms) or date range (using comparison operators)., filter[muted]: bool # Set to `true` to return findings that are muted. Set to `false` to return unmuted findings., filter[rule_id]: str # Return findings for the specified rule ID., filter[rule_name]: str # Return findings for the specified rule., filter[resource_type]: str # Return only findings for the specified resource type., filter[@resource_id]: str # Return only findings for the specified resource id., filter[discovery_timestamp]: str # Return findings that were found on a specified date (Unix ms) or date range (using comparison operators)., filter[evaluation]: str # Return only `pass` or `fail` findings., filter[status]: str # Return only findings with the specified status., filter[vulnerability_type]: [str] # Return findings that match the selected vulnerability types (repeatable)., detailed_findings: bool # Return additional fields for some findings.} @returns(200) {data: [map], meta: map{page: map{cursor: str, total_filtered_count: int(int64)}, snapshot_timestamp: int(int64)}} # OK @errors {400: Bad Request: The server cannot process the request due to invalid syntax in the request., 403: Forbidden: Access denied, 404: Not Found: The requested finding cannot be found., 429: Too many requests: The rate limit set by the API has been exceeded.} @endpoint PATCH /api/v2/posture_management/findings @desc Mute or unmute a batch of findings @required {data: map{attributes!: map, id!: str, meta!: map, type!: str} # Data object containing the new bulk mute properties of the finding.} @returns(200) {data: map{id: str, type: str}} # OK @errors {400: Bad Request: The server cannot process the request due to invalid syntax in the request., 403: Forbidden: Access denied, 404: Not Found: The requested finding cannot be found., 422: Invalid Request: The server understands the request syntax but cannot process it due to invalid data., 429: Too many requests: The rate limit set by the API has been exceeded.} @endpoint GET /api/v2/posture_management/findings/{finding_id} @desc Get a finding @required {finding_id: str # The ID of the finding.} @optional {snapshot_timestamp: int(int64) # Return the finding for a given snapshot of time (Unix ms).} @returns(200) {data: map{attributes: map{evaluation: str, evaluation_changed_at: int(int64), message: str, mute: map{description: str, expiration_date: int(int64), muted: bool, reason: str, start_date: int(int64), uuid: str}, resource: str, resource_configuration: map, resource_discovery_date: int(int64), resource_type: str, rule: map{id: str, name: str}, status: str, tags: [str]}, id: str, type: str}} # OK @errors {400: Bad Request: The server cannot process the request due to invalid syntax in the request., 403: Forbidden: Access denied, 404: Not Found: The requested finding cannot be found., 429: Too many requests: The rate limit set by the API has been exceeded.} @endpoint GET /api/v2/powerpacks @desc Get all powerpacks @optional {page[limit]: int(int64)=25 # Maximum number of powerpacks in the response., page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page.} @returns(200) {data: [map], included: [map], links: map{first: str, last: str?, next: str, prev: str?, self: str}, meta: map{pagination: map{first_offset: int(int64), last_offset: int(int64)?, limit: int(int64), next_offset: int(int64), offset: int(int64), prev_offset: int(int64), total: int(int64), type: str}}} # OK @errors {429: Too many requests} @endpoint POST /api/v2/powerpacks @desc Create a new powerpack @optional {data: map{attributes: map, id: str, relationships: map, type: str} # Powerpack data object.} @returns(200) {data: map{attributes: map{description: str, group_widget: map{definition: map, layout: map, live_span: str}, name: str, tags: [str], template_variables: [map]}, id: str, relationships: map{author: map{data: map}}, type: str}, included: [map]} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint DELETE /api/v2/powerpacks/{powerpack_id} @desc Delete a powerpack @required {powerpack_id: str # Powerpack id} @returns(204) OK @errors {404: Powerpack Not Found, 429: Too many requests} @endpoint GET /api/v2/powerpacks/{powerpack_id} @desc Get a Powerpack @required {powerpack_id: str # ID of the powerpack.} @returns(200) {data: map{attributes: map{description: str, group_widget: map{definition: map, layout: map, live_span: str}, name: str, tags: [str], template_variables: [map]}, id: str, relationships: map{author: map{data: map}}, type: str}, included: [map]} # OK @errors {404: Powerpack Not Found., 429: Too many requests} @endpoint PATCH /api/v2/powerpacks/{powerpack_id} @desc Update a powerpack @required {powerpack_id: str # ID of the powerpack.} @optional {data: map{attributes: map, id: str, relationships: map, type: str} # Powerpack data object.} @returns(200) {data: map{attributes: map{description: str, group_widget: map{definition: map, layout: map, live_span: str}, name: str, tags: [str], template_variables: [map]}, id: str, relationships: map{author: map{data: map}}, type: str}, included: [map]} # OK @errors {400: Bad Request, 404: Powerpack Not Found, 429: Too many requests} @endpoint GET /api/v2/processes @desc Get all processes @optional {search: str # String to search processes by., tags: str # Comma-separated list of tags to filter processes by., from: int(int64) # Unix timestamp (number of seconds since epoch) of the start of the query window. If not provided, the start of the query window will be 15 minutes before the `to` timestamp. If neither `from` nor `to` are provided, the query window will be `[now - 15m, now]`., to: int(int64) # Unix timestamp (number of seconds since epoch) of the end of the query window. If not provided, the end of the query window will be 15 minutes after the `from` timestamp. If neither `from` nor `to` are provided, the query window will be `[now - 15m, now]`., page[limit]: int(int32)=1000 # Maximum number of results returned., page[cursor]: str # String to query the next page of results. This key is provided with each valid response from the API in `meta.page.after`.} @returns(200) {data: [map], meta: map{page: map{after: str, size: int(int32)}}} # OK @errors {400: Bad Request, 403: Authentication Error, 429: Too many requests} @endpoint POST /api/v2/prodlytics @desc Send server-side events @required {application: map{id!: str} # The application in which you want to send your events., event: map{name!: str} # Fields used for the event., type: str # The type of Product Analytics event. Must be `server` for server-side events.} @optional {account: map{id!: str} # The account linked to your event., session: map{id!: str} # The session linked to your event., usr: map{id!: str} # The user linked to your event.} @returns(202) Request accepted for processing (always 202 empty JSON). @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 408: Request Timeout, 413: Payload Too Large, 429: Too Many Requests, 500: Internal Server Error, 503: Service Unavailable} @example_request {"account":{"id":"account-456"},"application":{"id":"123abcde-123a-123b-1234-123456789abc"},"event":{"name":"checkout.completed"},"type":"server"} @endpoint POST /api/v2/product-analytics/accounts/facet_info @desc Get account facet info @optional {data: map{attributes: map, id: str, type!: str} # The data object containing the resource type and attributes for the facet info request.} @returns(200) {data: map{attributes: map{result: map{range: map, values: [map]}}, id: str, type: str}} # Successful response with facet information @errors {429: Too many requests} @endpoint POST /api/v2/product-analytics/accounts/query @desc Query accounts @optional {data: map{attributes: map, id: str, type!: str} # The data object containing the resource type and attributes for querying accounts.} @returns(200) {data: map{attributes: map{hits: [any], total: int(int64)}, id: str, type: str}} # Successful response with account data @errors {429: Too many requests} @endpoint POST /api/v2/product-analytics/analytics/scalar @desc Compute scalar analytics @required {data: map{attributes!: map, type!: str} # Data object for an analytics request.} @returns(200) {data: map{attributes: map{columns: [map]}, id: str, type: str}, meta: map{request_id: str, status: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/product-analytics/analytics/timeseries @desc Compute timeseries analytics @required {data: map{attributes!: map, type!: str} # Data object for an analytics request.} @returns(200) {data: map{attributes: map{intervals: [map], series: [map], times: [int(int64)], values: [[num(double)]]}, id: str, type: str}, meta: map{request_id: str, status: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/product-analytics/users/event_filtered_query @desc Query event filtered users @optional {data: map{attributes: map, id: str, type!: str} # The data object containing the resource type and attributes for querying event-filtered users.} @returns(200) {data: map{attributes: map{hits: [any], total: int(int64)}, id: str, type: str}} # Successful response with filtered user data @errors {429: Too many requests} @endpoint POST /api/v2/product-analytics/users/facet_info @desc Get user facet info @optional {data: map{attributes: map, id: str, type!: str} # The data object containing the resource type and attributes for the facet info request.} @returns(200) {data: map{attributes: map{result: map{range: map, values: [map]}}, id: str, type: str}} # Successful response with facet information @errors {429: Too many requests} @endpoint POST /api/v2/product-analytics/users/query @desc Query users @optional {data: map{attributes: map, id: str, type!: str} # The data object containing the resource type and attributes for querying users.} @returns(200) {data: map{attributes: map{hits: [any], total: int(int64)}, id: str, type: str}} # Successful response with user data @errors {429: Too many requests} @endpoint GET /api/v2/product-analytics/{entity}/mapping @desc Get mapping @required {entity: str # The entity for which to get the mapping} @returns(200) {data: map{attributes: map{attributes: [map]}, id: str, type: str}} # Successful response with entity mapping configuration @errors {429: Too many requests} @endpoint POST /api/v2/product-analytics/{entity}/mapping/connection @desc Create connection @required {entity: str # The entity for which to create the connection} @optional {data: map{attributes: map, id: str, type!: str} # The data object containing the resource type and attributes for creating a new connection.} @returns(201) Connection created successfully @errors {429: Too many requests} @endpoint PUT /api/v2/product-analytics/{entity}/mapping/connection @desc Update connection @required {entity: str # The entity for which to update the connection} @optional {data: map{attributes: map, id!: str, type!: str} # The data object containing the resource identifier and attributes for updating an existing connection.} @returns(200) Connection updated successfully @errors {429: Too many requests} @endpoint DELETE /api/v2/product-analytics/{entity}/mapping/connection/{id} @desc Delete connection @required {id: str # The connection ID to delete, entity: str # The entity for which to delete the connection} @returns(204) Connection deleted successfully @errors {429: Too many requests} @endpoint GET /api/v2/product-analytics/{entity}/mapping/connections @desc List connections @required {entity: str # The entity for which to list connections} @returns(200) {data: map{attributes: map{connections: [map]}, id: str, type: str}} # Successful response with list of connections @errors {429: Too many requests} @endpoint POST /api/v2/query/scalar @desc Query scalar data across multiple products @required {data: map{attributes!: map, type!: str} # A single scalar query to be executed.} @returns(200) {data: map{attributes: map{columns: [any]}, type: str}, errors: str} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/query/timeseries @desc Query timeseries data across multiple products @required {data: map{attributes!: map, type!: str} # A single timeseries query to be executed.} @returns(200) {data: map{attributes: map{series: [map], times: [int(int64)], values: [[num(double)]]}, type: str}, errors: str} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/reference-tables/queries/batch-rows @desc Batch rows query @optional {data: map{attributes: map, type!: str} # Data object for a batch rows query request.} @returns(200) {data: map{id: str, relationships: map{rows: map{data: [map]}}, type: str}} # Successfully retrieved rows. Some or all requested rows were found. Response includes found rows in the included section. @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests, 500: Internal Server Error} @example_request {"data":{"attributes":{"row_ids":["row_id_1","row_id_2"],"table_id":"00000000-0000-0000-0000-000000000000"},"type":"reference-tables-batch-rows-query"}} @endpoint GET /api/v2/reference-tables/tables @desc List tables @optional {page[limit]: int(int64)=15 # Number of tables to return., page[offset]: int(int64)=0 # Number of tables to skip for pagination., sort: str # Sort field and direction for the list of reference tables. Use field name for ascending, prefix with "-" for descending., filter[status]: str # Filter by table status., filter[table_name][exact]: str # Filter by exact table name match., filter[table_name][contains]: str # Filter by table name containing substring.} @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/reference-tables/tables @desc Create reference table @optional {data: map{attributes: map, type!: str} # The data object containing the table definition.} @returns(201) {data: map{attributes: map{created_by: str, description: str, file_metadata: map{access_details: map, error_message: str, error_row_count: int(int64), error_type: str, sync_enabled: bool}, last_updated_by: str, row_count: int(int64), schema: map{fields: [map], primary_keys: [str]}, source: str, status: str, table_name: str, tags: [str], updated_at: str}, id: str, type: str}} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @example_request {"data":{"attributes":{"description":"Customer reference data synced from S3","file_metadata":{"access_details":{"aws_detail":{"aws_account_id":"924305315327","aws_bucket_name":"my-data-bucket","file_path":"customers.csv"}},"sync_enabled":true},"schema":{"fields":[{"name":"customer_id","type":"STRING"},{"name":"customer_name","type":"STRING"},{"name":"email","type":"STRING"}],"primary_keys":["customer_id"]},"source":"S3","table_name":"customer_reference_data","tags":["team:data-platform"]},"type":"reference_table"}} @endpoint DELETE /api/v2/reference-tables/tables/{id} @desc Delete table @required {id: str # Unique identifier of the reference table to delete} @returns(200) OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/reference-tables/tables/{id} @desc Get table @required {id: str # Unique identifier of the reference table to retrieve} @returns(200) {data: map{attributes: map{created_by: str, description: str, file_metadata: map{access_details: map, error_message: str, error_row_count: int(int64), error_type: str, sync_enabled: bool}, last_updated_by: str, row_count: int(int64), schema: map{fields: [map], primary_keys: [str]}, source: str, status: str, table_name: str, tags: [str], updated_at: str}, id: str, type: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/reference-tables/tables/{id} @desc Update reference table @required {id: str # Unique identifier of the reference table to update} @optional {data: map{attributes: map, type!: str} # The data object containing the partial table definition updates.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/reference-tables/tables/{id}/rows @desc Delete rows @required {id: str # Unique identifier of the reference table to delete rows from, data: [map{id!: str, type!: str}] # List of row resources to delete from the reference table.} @returns(200) Rows deleted successfully @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests, 500: Internal Server Error} @endpoint GET /api/v2/reference-tables/tables/{id}/rows @desc Get rows by id @required {id: str # Unique identifier of the reference table to get rows from, row_id: [str] # List of row IDs (primary key values) to retrieve from the reference table.} @returns(200) {data: [map]} # Some or all requested rows were found. @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/reference-tables/tables/{id}/rows @desc Upsert rows @required {id: str # Unique identifier of the reference table to upsert rows into, data: [map{attributes: map, id!: str, type!: str}] # List of row resources to create or update in the reference table.} @returns(200) Rows created or updated successfully @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests, 500: Internal Server Error} @example_request {"data":[{"attributes":{"values":{"age":25,"example_key_value":"primary_key_value","name":"row_name"}},"id":"primary_key_value","type":"row"}]} @endpoint POST /api/v2/reference-tables/uploads @desc Create reference table upload @optional {data: map{attributes: map, type!: str} # Request data for creating an upload for a file to be ingested into a reference table.} @returns(201) {data: map{attributes: map{part_urls: [str]}, id: str, type: str}} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/remote_config/products/asm/waf/custom_rules @desc List all WAF custom rules @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/remote_config/products/asm/waf/custom_rules @desc Create a WAF custom rule @required {data: map{attributes!: map, type!: str} # Object for a single WAF custom rule.} @returns(201) {data: map{attributes: map{action: map{action: str, parameters: map}, blocking: bool, conditions: [map], enabled: bool, metadata: map{added_at: str(date-time), added_by: str, added_by_name: str, modified_at: str(date-time), modified_by: str, modified_by_name: str}, name: str, path_glob: str, scope: [map], tags: map{category: str, type: str}}, id: str, type: str}} # Created @errors {400: Bad Request, 403: Not Authorized, 409: Concurrent Modification, 429: Too many requests} @endpoint DELETE /api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id} @desc Delete a WAF Custom Rule @required {custom_rule_id: str # The ID of the custom rule.} @returns(204) No Content @errors {403: Not Authorized, 404: Not Found, 409: Concurrent Modification, 429: Too many requests} @endpoint GET /api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id} @desc Get a WAF custom rule @required {custom_rule_id: str # The ID of the custom rule.} @returns(200) {data: map{attributes: map{action: map{action: str, parameters: map}, blocking: bool, conditions: [map], enabled: bool, metadata: map{added_at: str(date-time), added_by: str, added_by_name: str, modified_at: str(date-time), modified_by: str, modified_by_name: str}, name: str, path_glob: str, scope: [map], tags: map{category: str, type: str}}, id: str, type: str}} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint PUT /api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id} @desc Update a WAF Custom Rule @required {custom_rule_id: str # The ID of the custom rule., data: map{attributes!: map, type!: str} # Object for a single WAF Custom Rule.} @returns(200) {data: map{attributes: map{action: map{action: str, parameters: map}, blocking: bool, conditions: [map], enabled: bool, metadata: map{added_at: str(date-time), added_by: str, added_by_name: str, modified_at: str(date-time), modified_by: str, modified_by_name: str}, name: str, path_glob: str, scope: [map], tags: map{category: str, type: str}}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 409: Concurrent Modification, 429: Too many requests} @endpoint GET /api/v2/remote_config/products/asm/waf/exclusion_filters @desc List all WAF exclusion filters @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/remote_config/products/asm/waf/exclusion_filters @desc Create a WAF exclusion filter @required {data: map{attributes!: map, type!: str} # Object for creating a single WAF exclusion filter.} @returns(200) {data: map{attributes: map{description: str, enabled: bool, event_query: str, ip_list: [str], metadata: map{added_at: str(date-time), added_by: str, added_by_name: str, modified_at: str(date-time), modified_by: str, modified_by_name: str}, on_match: str, parameters: [str], path_glob: str, rules_target: [map], scope: [map], search_query: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Concurrent Modification, 429: Too many requests} @endpoint DELETE /api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id} @desc Delete a WAF exclusion filter @required {exclusion_filter_id: str # The identifier of the WAF exclusion filter.} @returns(204) OK @errors {403: Not Authorized, 404: Not Found, 409: Concurrent Modification, 429: Too many requests} @endpoint GET /api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id} @desc Get a WAF exclusion filter @required {exclusion_filter_id: str # The identifier of the WAF exclusion filter.} @returns(200) {data: map{attributes: map{description: str, enabled: bool, event_query: str, ip_list: [str], metadata: map{added_at: str(date-time), added_by: str, added_by_name: str, modified_at: str(date-time), modified_by: str, modified_by_name: str}, on_match: str, parameters: [str], path_glob: str, rules_target: [map], scope: [map], search_query: str}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id} @desc Update a WAF exclusion filter @required {exclusion_filter_id: str # The identifier of the WAF exclusion filter., data: map{attributes!: map, type!: str} # Object for updating a single WAF exclusion filter.} @returns(200) {data: map{attributes: map{description: str, enabled: bool, event_query: str, ip_list: [str], metadata: map{added_at: str(date-time), added_by: str, added_by_name: str, modified_at: str(date-time), modified_by: str, modified_by_name: str}, on_match: str, parameters: [str], path_glob: str, rules_target: [map], scope: [map], search_query: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 409: Concurrent Modification, 429: Too many requests} @endpoint GET /api/v2/remote_config/products/cws/agent_rules @desc Get all Workload Protection agent rules @optional {policy_id: str # The ID of the Agent policy} @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/remote_config/products/cws/agent_rules @desc Create a Workload Protection agent rule @required {data: map{attributes!: map, type!: str} # Object for a single Agent rule} @returns(200) {data: map{attributes: map{actions: [map]?, agentConstraint: str, blocking: [str], category: str, creationAuthorUuId: str, creationDate: int(int64), creator: map{handle: str, name: str?}, defaultRule: bool, description: str, disabled: [str], enabled: bool, expression: str, filters: [str], monitoring: [str], name: str, product_tags: [str], silent: bool, updateAuthorUuId: str, updateDate: int(int64), updatedAt: int(int64), updater: map{handle: str, name: str?}, version: int(int64)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/remote_config/products/cws/agent_rules/{agent_rule_id} @desc Delete a Workload Protection agent rule @required {agent_rule_id: str # The ID of the Agent rule} @optional {policy_id: str # The ID of the Agent policy} @returns(204) OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/remote_config/products/cws/agent_rules/{agent_rule_id} @desc Get a Workload Protection agent rule @required {agent_rule_id: str # The ID of the Agent rule} @optional {policy_id: str # The ID of the Agent policy} @returns(200) {data: map{attributes: map{actions: [map]?, agentConstraint: str, blocking: [str], category: str, creationAuthorUuId: str, creationDate: int(int64), creator: map{handle: str, name: str?}, defaultRule: bool, description: str, disabled: [str], enabled: bool, expression: str, filters: [str], monitoring: [str], name: str, product_tags: [str], silent: bool, updateAuthorUuId: str, updateDate: int(int64), updatedAt: int(int64), updater: map{handle: str, name: str?}, version: int(int64)}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/remote_config/products/cws/agent_rules/{agent_rule_id} @desc Update a Workload Protection agent rule @required {agent_rule_id: str # The ID of the Agent rule, data: map{attributes!: map, id: str, type!: str} # Object for a single Agent rule} @optional {policy_id: str # The ID of the Agent policy} @returns(200) {data: map{attributes: map{actions: [map]?, agentConstraint: str, blocking: [str], category: str, creationAuthorUuId: str, creationDate: int(int64), creator: map{handle: str, name: str?}, defaultRule: bool, description: str, disabled: [str], enabled: bool, expression: str, filters: [str], monitoring: [str], name: str, product_tags: [str], silent: bool, updateAuthorUuId: str, updateDate: int(int64), updatedAt: int(int64), updater: map{handle: str, name: str?}, version: int(int64)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 409: Concurrent Modification, 429: Too many requests} @endpoint GET /api/v2/remote_config/products/cws/policy @desc Get all Workload Protection policies @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/remote_config/products/cws/policy @desc Create a Workload Protection policy @required {data: map{attributes!: map, type!: str} # Object for a single Agent rule} @returns(200) {data: map{attributes: map{blockingRulesCount: int(int32), datadogManaged: bool, description: str, disabledRulesCount: int(int32), enabled: bool, hostTags: [str], hostTagsLists: [[str]], monitoringRulesCount: int(int32), name: str, pinned: bool, policyType: str, policyVersion: str, priority: int(int64), ruleCount: int(int32), updateDate: int(int64), updatedAt: int(int64), updater: map{handle: str, name: str?}, versions: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/remote_config/products/cws/policy/download @desc Download the Workload Protection policy @returns(200) OK @errors {403: Not Authorized, 429: Too many requests} @endpoint DELETE /api/v2/remote_config/products/cws/policy/{policy_id} @desc Delete a Workload Protection policy @required {policy_id: str # The ID of the Agent policy} @returns(202) OK @returns(204) OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/remote_config/products/cws/policy/{policy_id} @desc Get a Workload Protection policy @required {policy_id: str # The ID of the Agent policy} @returns(200) {data: map{attributes: map{blockingRulesCount: int(int32), datadogManaged: bool, description: str, disabledRulesCount: int(int32), enabled: bool, hostTags: [str], hostTagsLists: [[str]], monitoringRulesCount: int(int32), name: str, pinned: bool, policyType: str, policyVersion: str, priority: int(int64), ruleCount: int(int32), updateDate: int(int64), updatedAt: int(int64), updater: map{handle: str, name: str?}, versions: [map]}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/remote_config/products/cws/policy/{policy_id} @desc Update a Workload Protection policy @required {policy_id: str # The ID of the Agent policy, data: map{attributes!: map, id: str, type!: str} # Object for a single Agent policy} @returns(200) {data: map{attributes: map{blockingRulesCount: int(int32), datadogManaged: bool, description: str, disabledRulesCount: int(int32), enabled: bool, hostTags: [str], hostTagsLists: [[str]], monitoringRulesCount: int(int32), name: str, pinned: bool, policyType: str, policyVersion: str, priority: int(int64), ruleCount: int(int32), updateDate: int(int64), updatedAt: int(int64), updater: map{handle: str, name: str?}, versions: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 409: Concurrent Modification, 429: Too many requests} @endpoint GET /api/v2/replay/heatmap/snapshots @desc List replay heatmap snapshots @required {filter[view_name]: str # View name to filter snapshots.} @optional {filter[device_type]: str # Device type to filter snapshots., page[limit]: int # Maximum number of snapshots to return., filter[application_id]: str # Filter by application ID.} @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/replay/heatmap/snapshots @desc Create replay heatmap snapshot @required {data: map{attributes: map, type!: str} # Data object for a heatmap snapshot creation request, containing the resource type and attributes.} @returns(201) {data: map{attributes: map{application_id: str, created_at: str(date-time), created_by: str, created_by_handle: str, created_by_user_id: int(int64), device_type: str, event_id: str, is_device_type_selected_by_user: bool, modified_at: str(date-time), org_id: int(int64), session_id: str, snapshot_name: str, start: int(int64), view_id: str, view_name: str}, id: str, type: str}} # Created @errors {429: Too many requests} @endpoint DELETE /api/v2/replay/heatmap/snapshots/{snapshot_id} @desc Delete replay heatmap snapshot @required {snapshot_id: str # Unique identifier of the heatmap snapshot.} @returns(204) No Content @errors {429: Too many requests} @endpoint PATCH /api/v2/replay/heatmap/snapshots/{snapshot_id} @desc Update replay heatmap snapshot @required {snapshot_id: str # Unique identifier of the heatmap snapshot., data: map{attributes: map, id: str, type!: str} # Data object for a heatmap snapshot update request, containing the resource identifier, type, and attributes.} @returns(200) {data: map{attributes: map{application_id: str, created_at: str(date-time), created_by: str, created_by_handle: str, created_by_user_id: int(int64), device_type: str, event_id: str, is_device_type_selected_by_user: bool, modified_at: str(date-time), org_id: int(int64), session_id: str, snapshot_name: str, start: int(int64), view_id: str, view_name: str}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint DELETE /api/v2/restriction_policy/{resource_id} @desc Delete a restriction policy @required {resource_id: str # Identifier, formatted as `type:id`. Supported types: `dashboard`, `integration-service`, `integration-webhook`, `notebook`, `powerpack`, `reference-table`, `security-rule`, `slo`, `synthetics-global-variable`, `synthetics-test`, `synthetics-private-location`, `monitor`, `workflow`, `app-builder-app`, `connection`, `connection-group`, `rum-application`, `cross-org-connection`, `spreadsheet`, `on-call-schedule`, `on-call-escalation-policy`, `on-call-team-routing-rules`, `logs-pipeline`, `case-management-project`, `monitor-notification-rule`.} @returns(204) No Content @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/restriction_policy/{resource_id} @desc Get a restriction policy @required {resource_id: str # Identifier, formatted as `type:id`. Supported types: `dashboard`, `integration-service`, `integration-webhook`, `notebook`, `powerpack`, `reference-table`, `security-rule`, `slo`, `synthetics-global-variable`, `synthetics-test`, `synthetics-private-location`, `monitor`, `workflow`, `app-builder-app`, `connection`, `connection-group`, `rum-application`, `cross-org-connection`, `spreadsheet`, `on-call-schedule`, `on-call-escalation-policy`, `on-call-team-routing-rules`, `logs-pipeline`, `case-management-project`, `monitor-notification-rule`.} @returns(200) {data: map{attributes: map{bindings: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/restriction_policy/{resource_id} @desc Update a restriction policy @required {resource_id: str # Identifier, formatted as `type:id`. Supported types: `dashboard`, `integration-service`, `integration-webhook`, `notebook`, `powerpack`, `reference-table`, `security-rule`, `slo`, `synthetics-global-variable`, `synthetics-test`, `synthetics-private-location`, `monitor`, `workflow`, `app-builder-app`, `connection`, `connection-group`, `rum-application`, `cross-org-connection`, `spreadsheet`, `on-call-schedule`, `on-call-escalation-policy`, `on-call-team-routing-rules`, `logs-pipeline`, `case-management-project`, `monitor-notification-rule`., data: map{attributes!: map, id!: str, type!: str} # Restriction policy object.} @optional {allow_self_lockout: bool # Allows admins (users with the `user_access_manage` permission) to remove their own access from the resource if set to `true`. By default, this is set to `false`, preventing admins from locking themselves out.} @returns(200) {data: map{attributes: map{bindings: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/roles @desc List roles @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort: str # Sort roles depending on the given field. Sort order is **ascending** by default. Sort order is **descending** if the field is prefixed by a negative sign, for example: `sort=-name`., filter: str # Filter all roles by the given string., filter[id]: str # Filter all roles by the given list of role IDs.} @returns(200) {data: [map], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {403: Authentication error, 429: Too many requests} @endpoint POST /api/v2/roles @desc Create role @required {data: map{attributes!: map, relationships: map, type: str} # Data related to the creation of a role.} @returns(200) {data: map{attributes: map{created_at: str(date-time), modified_at: str(date-time), name: str, receives_permissions_from: [str]}, id: str, relationships: map{permissions: map{data: [map]}}, type: str}} # OK @errors {400: Bad Request, 403: Authentication error, 429: Too many requests} @endpoint GET /api/v2/roles/templates @desc List role templates @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint DELETE /api/v2/roles/{role_id} @desc Delete role @required {role_id: str # The unique identifier of the role.} @returns(204) OK @errors {403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/roles/{role_id} @desc Get a role @required {role_id: str # The unique identifier of the role.} @returns(200) {data: map{attributes: map{created_at: str(date-time), modified_at: str(date-time), name: str, receives_permissions_from: [str], user_count: int(int64)}, id: str, relationships: map{permissions: map{data: [map]}}, type: str}} # OK @errors {403: Authentication error, 404: Not found, 429: Too many requests} @endpoint PATCH /api/v2/roles/{role_id} @desc Update a role @required {role_id: str # The unique identifier of the role., data: map{attributes!: map, id!: str, relationships: map, type!: str} # Data related to the update of a role.} @returns(200) {data: map{attributes: map{created_at: str(date-time), modified_at: str(date-time), name: str, receives_permissions_from: [str], user_count: int(int32)}, id: str, relationships: map{permissions: map{data: [map]}}, type: str}} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 422: Unprocessable Entity, 429: Too many requests} @endpoint POST /api/v2/roles/{role_id}/clone @desc Create a new role by cloning an existing role @required {role_id: str # The unique identifier of the role., data: map{attributes!: map, type!: str} # Data for the clone role request.} @returns(200) {data: map{attributes: map{created_at: str(date-time), modified_at: str(date-time), name: str, receives_permissions_from: [str], user_count: int(int64)}, id: str, relationships: map{permissions: map{data: [map]}}, type: str}} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/roles/{role_id}/permissions @desc Revoke permission @required {role_id: str # The unique identifier of the role.} @optional {data: map{id: str, type: str} # Relationship to permission object.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/roles/{role_id}/permissions @desc List permissions for a role @required {role_id: str # The unique identifier of the role.} @returns(200) {data: [map]} # OK @errors {403: Authentication error, 404: Not found, 429: Too many requests} @endpoint POST /api/v2/roles/{role_id}/permissions @desc Grant permission to a role @required {role_id: str # The unique identifier of the role.} @optional {data: map{id: str, type: str} # Relationship to permission object.} @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint DELETE /api/v2/roles/{role_id}/users @desc Remove a user from a role @required {role_id: str # The unique identifier of the role., data: map{id!: str, type!: str} # Relationship to user object.} @returns(200) {data: [map], included: [any], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/roles/{role_id}/users @desc Get all users of a role @required {role_id: str # The unique identifier of the role.} @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort: str=name # User attribute to order results by. Sort order is **ascending** by default. Sort order is **descending** if the field is prefixed by a negative sign, for example `sort=-name`. Options: `name`, `email`, `status`., filter: str # Filter all users by the given string. Defaults to no filtering.} @returns(200) {data: [map], included: [any], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {403: Authentication error, 404: Not found, 429: Too many requests} @endpoint POST /api/v2/roles/{role_id}/users @desc Add a user to a role @required {role_id: str # The unique identifier of the role., data: map{id!: str, type!: str} # Relationship to user object.} @returns(200) {data: [map], included: [any], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 429: Too many requests} @endpoint POST /api/v2/rum/analytics/aggregate @desc Aggregate RUM events @optional {compute: [map{aggregation!: str, interval: str, metric: str, type: str}] # The list of metrics or timeseries to compute for the retrieved buckets., filter: map{from: str, query: str, to: str} # The search and filter query settings., group_by: [map{facet!: str, histogram: map, limit: int(int64), missing: any, sort: map, total: any}] # The rules for the group by., options: map{time_offset: int(int64), timezone: str} # Global query options that are used during the query. Note: Only supply timezone or time offset, not both. Otherwise, the query fails., page: map{cursor: str, limit: int(int32)} # Paging attributes for listing events.} @returns(200) {data: map{buckets: [map]}, links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/rum/applications @desc List all the RUM applications @returns(200) {data: [map]} # OK @errors {404: Not Found, 429: Too many requests} @endpoint POST /api/v2/rum/applications @desc Create a new RUM application @required {data: map{attributes!: map, type!: str} # RUM application creation.} @returns(200) {data: map{attributes: map{api_key_id: int(int32), application_id: str, client_token: str, created_at: int(int64), created_by_handle: str, hash: str, is_active: bool, name: str, org_id: int(int32), product_scales: map{product_analytics_retention_scale: map, rum_event_processing_scale: map}, type: str, updated_at: int(int64), updated_by_handle: str}, id: str, type: str}} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint PATCH /api/v2/rum/applications/{app_id}/relationships/retention_filters @desc Order RUM retention filters @required {app_id: str # RUM application ID.} @optional {data: [map{id!: str, type!: str}] # A list of RUM retention filter IDs along with type.} @returns(200) {data: [map]} # Ordered @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/rum/applications/{app_id}/retention_filters @desc Get all RUM retention filters @required {app_id: str # RUM application ID.} @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/rum/applications/{app_id}/retention_filters @desc Create a RUM retention filter @required {app_id: str # RUM application ID., data: map{attributes!: map, type!: str} # The new RUM retention filter properties to create.} @returns(201) {data: map{attributes: map{cross_product_sampling: map{trace_enabled: bool, trace_sample_rate: num(double)}, enabled: bool, event_type: str, name: str, query: str, sample_rate: num(double)}, id: str, type: str}} # Created @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint DELETE /api/v2/rum/applications/{app_id}/retention_filters/{rf_id} @desc Delete a RUM retention filter @required {app_id: str # RUM application ID., rf_id: str # Retention filter ID.} @returns(204) No Content @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/rum/applications/{app_id}/retention_filters/{rf_id} @desc Get a RUM retention filter @required {app_id: str # RUM application ID., rf_id: str # Retention filter ID.} @returns(200) {data: map{attributes: map{cross_product_sampling: map{trace_enabled: bool, trace_sample_rate: num(double)}, enabled: bool, event_type: str, name: str, query: str, sample_rate: num(double)}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/rum/applications/{app_id}/retention_filters/{rf_id} @desc Update a RUM retention filter @required {app_id: str # RUM application ID., rf_id: str # Retention filter ID., data: map{attributes!: map, id!: str, type!: str} # The new RUM retention filter properties to update.} @returns(200) {data: map{attributes: map{cross_product_sampling: map{trace_enabled: bool, trace_sample_rate: num(double)}, enabled: bool, event_type: str, name: str, query: str, sample_rate: num(double)}, id: str, type: str}} # Updated @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/rum/applications/{id} @desc Delete a RUM application @required {id: str # RUM application ID.} @returns(204) No Content @errors {404: Not Found, 429: Too many requests} @endpoint GET /api/v2/rum/applications/{id} @desc Get a RUM application @required {id: str # RUM application ID.} @returns(200) {data: map{attributes: map{api_key_id: int(int32), application_id: str, client_token: str, created_at: int(int64), created_by_handle: str, hash: str, is_active: bool, name: str, org_id: int(int32), product_scales: map{product_analytics_retention_scale: map, rum_event_processing_scale: map}, type: str, updated_at: int(int64), updated_by_handle: str}, id: str, type: str}} # OK @errors {404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/rum/applications/{id} @desc Update a RUM application @required {id: str # RUM application ID., data: map{attributes: map, id!: str, type!: str} # RUM application update.} @returns(200) {data: map{attributes: map{api_key_id: int(int32), application_id: str, client_token: str, created_at: int(int64), created_by_handle: str, hash: str, is_active: bool, name: str, org_id: int(int32), product_scales: map{product_analytics_retention_scale: map, rum_event_processing_scale: map}, type: str, updated_at: int(int64), updated_by_handle: str}, id: str, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 422: Unprocessable Entity., 429: Too many requests} @endpoint GET /api/v2/rum/config/metrics @desc Get all rum-based metrics @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/rum/config/metrics @desc Create a rum-based metric @required {data: map{attributes!: map, id!: str, type!: str} # The new rum-based metric properties.} @returns(201) {data: map{attributes: map{compute: map{aggregation_type: str, include_percentiles: bool, path: str}, event_type: str, filter: map{query: str}, group_by: [map], uniqueness: map{when: str}}, id: str, type: str}} # Created @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/rum/config/metrics/{metric_id} @desc Delete a rum-based metric @required {metric_id: str # The name of the rum-based metric.} @returns(204) No Content @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/rum/config/metrics/{metric_id} @desc Get a rum-based metric @required {metric_id: str # The name of the rum-based metric.} @returns(200) {data: map{attributes: map{compute: map{aggregation_type: str, include_percentiles: bool, path: str}, event_type: str, filter: map{query: str}, group_by: [map], uniqueness: map{when: str}}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/rum/config/metrics/{metric_id} @desc Update a rum-based metric @required {metric_id: str # The name of the rum-based metric., data: map{attributes!: map, id: str, type!: str} # The new rum-based metric properties.} @returns(200) {data: map{attributes: map{compute: map{aggregation_type: str, include_percentiles: bool, path: str}, event_type: str, filter: map{query: str}, group_by: [map], uniqueness: map{when: str}}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/rum/events @desc Get a list of RUM events @optional {filter[query]: str # Search query following RUM syntax., filter[from]: str(date-time) # Minimum timestamp for requested events., filter[to]: str(date-time) # Maximum timestamp for requested events., sort: str # Order of events in results., page[cursor]: str # List following results with a cursor provided in the previous query., page[limit]: int(int32)=10 # Maximum number of events in the response.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/rum/events/search @desc Search RUM events @optional {filter: map{from: str, query: str, to: str} # The search and filter query settings., options: map{time_offset: int(int64), timezone: str} # Global query options that are used during the query. Note: Only supply timezone or time offset, not both. Otherwise, the query fails., page: map{cursor: str, limit: int(int32)} # Paging attributes for listing events., sort: str(timestamp/-timestamp) # Sort parameters when querying events.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/rum/replay/playlists @desc List rum replay playlists @optional {filter[created_by_uuid]: str # Filter playlists by the UUID of the user who created them., filter[query]: str # Search query to filter playlists by name., page[number]: int # Page number for pagination (0-indexed)., page[size]: int # Number of items per page.} @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/rum/replay/playlists @desc Create rum replay playlist @required {data: map{attributes: map, id: str, type!: str} # Data object representing a RUM replay playlist, including its identifier, type, and attributes.} @returns(201) {data: map{attributes: map{created_at: str(date-time), created_by: map{handle: str, icon: str, id: str, name: str, uuid: str}, description: str, name: str, session_count: int(int64), updated_at: str(date-time)}, id: str, type: str}} # Created @errors {429: Too many requests} @endpoint DELETE /api/v2/rum/replay/playlists/{playlist_id} @desc Delete rum replay playlist @required {playlist_id: int # Unique identifier of the playlist.} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/rum/replay/playlists/{playlist_id} @desc Get rum replay playlist @required {playlist_id: int # Unique identifier of the playlist.} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: map{handle: str, icon: str, id: str, name: str, uuid: str}, description: str, name: str, session_count: int(int64), updated_at: str(date-time)}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint PUT /api/v2/rum/replay/playlists/{playlist_id} @desc Update rum replay playlist @required {playlist_id: int # Unique identifier of the playlist., data: map{attributes: map, id: str, type!: str} # Data object representing a RUM replay playlist, including its identifier, type, and attributes.} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: map{handle: str, icon: str, id: str, name: str, uuid: str}, description: str, name: str, session_count: int(int64), updated_at: str(date-time)}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint DELETE /api/v2/rum/replay/playlists/{playlist_id}/sessions @desc Bulk remove rum replay playlist sessions @required {playlist_id: int # Unique identifier of the playlist., data: [map{id: str, type!: str}] # Array of session identifier data objects.} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/rum/replay/playlists/{playlist_id}/sessions @desc List rum replay playlist sessions @required {playlist_id: int # Unique identifier of the playlist.} @optional {page[number]: int # Page number for pagination (0-indexed)., page[size]: int # Number of items per page.} @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint DELETE /api/v2/rum/replay/playlists/{playlist_id}/sessions/{session_id} @desc Remove rum replay session from playlist @required {playlist_id: int # Unique identifier of the playlist., session_id: str # Unique identifier of the session.} @returns(204) No Content @errors {429: Too many requests} @endpoint PUT /api/v2/rum/replay/playlists/{playlist_id}/sessions/{session_id} @desc Add rum replay session to playlist @required {ts: int(int64) # Server-side timestamp in milliseconds., playlist_id: int # Unique identifier of the playlist., session_id: str # Unique identifier of the session.} @optional {data_source: str # Data source type. Valid values: 'rum' or 'product_analytics'. Defaults to 'rum'.} @returns(200) {data: map{attributes: map{session_event: map, track: str}, id: str, type: str}} # OK @returns(201) {data: map{attributes: map{session_event: map, track: str}, id: str, type: str}} # Created @errors {429: Too many requests} @endpoint GET /api/v2/rum/replay/sessions/{session_id}/views/{view_id}/segments @desc Get segments @required {view_id: str # Unique identifier of the view., session_id: str # Unique identifier of the session.} @optional {source: str # Storage source: 'event_platform' or 'blob'., ts: int(int64) # Server-side timestamp in milliseconds., max_list_size: int # Maximum size in bytes for the segment list., paging: str # Paging token for pagination.} @returns(200) OK @errors {429: Too many requests} @endpoint GET /api/v2/rum/replay/sessions/{session_id}/watchers @desc List rum replay session watchers @required {session_id: str # Unique identifier of the session.} @optional {page[size]: int # Number of items per page., page[number]: int # Page number for pagination (0-indexed).} @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint DELETE /api/v2/rum/replay/sessions/{session_id}/watches @desc Delete rum replay session watch @required {session_id: str # Unique identifier of the session.} @returns(204) No Content @errors {429: Too many requests} @endpoint POST /api/v2/rum/replay/sessions/{session_id}/watches @desc Create rum replay session watch @required {session_id: str # Unique identifier of the session., data: map{attributes: map, id: str, type!: str} # Data object representing a session watch record, including its identifier, type, and attributes.} @returns(201) {data: map{attributes: map{application_id: str, data_source: str, event_id: str, timestamp: str(date-time)}, id: str, type: str}} # Created @errors {429: Too many requests} @endpoint GET /api/v2/rum/replay/viewership-history/sessions @desc List rum replay viewership history sessions @optional {filter[watched_at][start]: int(int64) # Start timestamp in milliseconds for watched_at filter., page[number]: int # Page number for pagination (0-indexed)., filter[created_by]: str # Filter by user UUID. Defaults to current user if not specified., filter[watched_at][end]: int(int64) # End timestamp in milliseconds for watched_at filter., filter[session_ids]: str # Comma-separated list of session IDs to filter by., page[size]: int # Number of items per page., filter[application_id]: str # Filter by application ID.} @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/saml_configurations/idp_metadata @desc Upload IdP metadata @returns(200) OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/scorecard/outcomes @desc List all rule outcomes @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page., include: str # Include related rule details in the response., fields[outcome]: str # Return only specified values in the outcome attributes., fields[rule]: str # Return only specified values in the included rule details., filter[outcome][service_name]: str # Filter the outcomes on a specific service name., filter[outcome][state]: str # Filter the outcomes by a specific state., filter[rule][enabled]: bool # Filter outcomes on whether a rule is enabled/disabled., filter[rule][id]: str # Filter outcomes based on rule ID., filter[rule][name]: str # Filter outcomes based on rule name.} @returns(200) {data: [map], included: [map], links: map{next: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/scorecard/outcomes @desc Update Scorecard outcomes asynchronously @optional {data: map{attributes: map, type: str} # Scorecard outcomes batch request data.} @returns(202) Accepted @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too many requests} @endpoint POST /api/v2/scorecard/outcomes/batch @desc Create outcomes batch @optional {data: map{attributes: map, type: str} # Scorecard outcomes batch request data.} @returns(200) {data: [map], meta: map{total_received: int(int64), total_updated: int(int64)}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/scorecard/rules @desc List all rules @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page., include: str # Include related scorecard details in the response., filter[rule][id]: str # Filter the rules on a rule ID., filter[rule][enabled]: bool # Filter for enabled rules only., filter[rule][custom]: bool # Filter for custom rules only., filter[rule][name]: str # Filter rules on the rule name., filter[rule][description]: str # Filter rules on the rule description., fields[rule]: str # Return only specific fields in the response for rule attributes., fields[scorecard]: str # Return only specific fields in the included response for scorecard attributes.} @returns(200) {data: [map], links: map{next: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/scorecard/rules @desc Create a new rule @optional {data: map{attributes: map, type: str} # Scorecard create rule request data.} @returns(201) {data: map{attributes: map{category: str, created_at: str(date-time), custom: bool, description: str, enabled: bool, level: int(int32), modified_at: str(date-time), name: str, owner: str, scorecard_name: str}, id: str, relationships: map{scorecard: map{data: map}}, type: str}} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/scorecard/rules/{rule_id} @desc Delete a rule @required {rule_id: str # The ID of the rule.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/scorecard/rules/{rule_id} @desc Update an existing rule @required {rule_id: str # The ID of the rule.} @optional {data: map{attributes: map, type: str} # Data for the request to update a scorecard rule.} @returns(200) {data: map{attributes: map{category: str, created_at: str(date-time), custom: bool, description: str, enabled: bool, level: int(int32), modified_at: str(date-time), name: str, owner: str, scorecard_name: str}, id: str, relationships: map{scorecard: map{data: map}}, type: str}} # Rule updated successfully @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/seats/users @desc Unassign seats from users @optional {data: map{attributes!: map, id: str, type!: str} # The request data object containing attributes for unassigning seats from users.} @returns(204) No Content @errors {400: Bad Request, 422: Unprocessable Entity, 429: Too many requests} @endpoint GET /api/v2/seats/users @desc Get users with seats @required {product_code: str # The product code for which to retrieve seat users.} @optional {page[limit]: int # Maximum number of results to return., page[cursor]: str # Cursor for pagination.} @returns(200) {data: [map], meta: map{cursor: str, limit: int(int64), next_cursor: str}} # OK @errors {400: Bad Request, 422: Unprocessable Entity, 429: Too many requests} @endpoint POST /api/v2/seats/users @desc Assign seats to users @optional {data: map{attributes!: map, id: str, type!: str} # The request data object containing attributes for assigning seats to users.} @returns(201) {data: map{attributes: map{assigned_ids: [str], product_code: str}, id: str, type: str}} # Created @errors {400: Bad Request, 422: Unprocessable Entity, 429: Too many requests} @endpoint GET /api/v2/security-entities/risk-scores @desc List Entity Risk Scores @optional {from: int(int64) # Start time for the query in Unix timestamp (milliseconds). Defaults to 2 weeks ago., to: int(int64) # End time for the query in Unix timestamp (milliseconds). Defaults to now., page[size]: int=10 # Size of the page to return. Maximum is 1000., page[number]: int=1 # Page number to return (1-indexed)., page[queryId]: str # Query ID for pagination consistency., filter[sort]: str # Sort order for results. Format: `field:direction` where direction is `asc` or `desc`. Supported fields: `riskScore`, `lastDetected`, `firstDetected`, `entityName`, `signalsDetected`., filter[query]: str # Supports filtering by entity attributes, risk scores, severity, and more. Example: `severity:critical AND entityType:aws_iam_user`, entityType: [str] # Filter by entity type(s). Can specify multiple values.} @returns(200) {data: [map], meta: map{pageNumber: int(int64), pageSize: int(int64), queryId: str, totalRowCount: int(int64)}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/security/cloud_workload/policy/download @desc Download the Workload Protection policy (US1-FED) @returns(200) OK @errors {403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/security/findings @desc List security findings @optional {filter[query]: str=* # The search query following log search syntax., page[cursor]: str # Get the next page of results with a cursor provided in the previous query., page[limit]: int(int64)=10 # The maximum number of findings in the response., sort: str # Sorts by @detection_changed_at.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/security/findings/cases @desc Detach security findings from their case @optional {data: map{relationships: map, type!: str} # Data for detaching security findings from their case.} @returns(204) No Content @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/security/findings/cases @desc Create cases for security findings @required {data: [map{attributes: map, relationships: map, type!: str}] # Array of case creation request data objects.} @returns(201) {data: [map]} # Created @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security/findings/cases/{case_id} @desc Attach security findings to a case @required {case_id: str # Unique identifier of the case to attach security findings to} @optional {data: map{id!: str, relationships: map, type!: str} # Data of the case to attach security findings to.} @returns(200) {data: map{attributes: map{archived_at: str(date-time), assigned_to: map{data: map}, attributes: map, closed_at: str(date-time), created_at: str(date-time), creation_source: str, description: str, due_date: str, insights: [map], jira_issue: map{error_message: str, result: map, status: str}, key: str, modified_at: str(date-time), priority: str, status: str, status_group: str, status_name: str, title: str, type: str}, id: str, relationships: map{created_by: map{data: map}, modified_by: map{data: map}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security/findings/jira_issues @desc Attach security findings to a Jira issue @optional {data: map{attributes: map, relationships: map, type!: str} # Data of the Jira issue to attach security findings to.} @returns(200) {data: map{attributes: map{archived_at: str(date-time), assigned_to: map{data: map}, attributes: map, closed_at: str(date-time), created_at: str(date-time), creation_source: str, description: str, due_date: str, insights: [map], jira_issue: map{error_message: str, result: map, status: str}, key: str, modified_at: str(date-time), priority: str, status: str, status_group: str, status_name: str, title: str, type: str}, id: str, relationships: map{created_by: map{data: map}, modified_by: map{data: map}, project: map{data: map}}, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/security/findings/jira_issues @desc Create Jira issues for security findings @required {data: [map{attributes: map, relationships: map, type!: str}] # Array of Jira issue creation request data objects.} @returns(201) {data: [map]} # Created @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/security/findings/search @desc Search security findings @optional {data: map{attributes: map} # Request data for searching security findings.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/security/sboms @desc List assets SBOMs @optional {page[token]: str # Its value must come from the `links` section of the response of the first request. Do not manually edit it., page[number]: int(int64) # The page number to be retrieved. It should be equal to or greater than 1., filter[asset_type]: str # The type of the assets for the SBOM request., filter[asset_name]: str # The name of the asset for the SBOM request., filter[package_name]: str # The name of the component that is a dependency of an asset., filter[package_version]: str # The version of the component that is a dependency of an asset., filter[license_name]: str # The software license name of the component that is a dependency of an asset., filter[license_type]: str # The software license type of the component that is a dependency of an asset.} @returns(200) {data: [map], links: map{first: str, last: str, next: str, previous: str, self: str}, meta: map{count: int(int64), token: str, total: int(int64)}} # OK @errors {400: Bad request: The server cannot process the request due to invalid syntax in the request., 403: Forbidden: Access denied, 404: Not found: asset not found, 429: Too many requests} @endpoint GET /api/v2/security/sboms/{asset_type} @desc Get SBOM @required {asset_type: str # The type of the asset for the SBOM request., filter[asset_name]: str # The name of the asset for the SBOM request.} @optional {filter[repo_digest]: str # The container image `repo_digest` for the SBOM request. When the requested asset type is 'Image', this filter is mandatory., ext:format: str # The standard of the SBOM.} @returns(200) {data: map{attributes: map{bomFormat: str, components: [map], dependencies: [map], metadata: map{authors: [map], component: map, timestamp: str}, serialNumber: str, specVersion: str, version: int(int64)}, id: str, type: str}} # OK @errors {400: Bad request: The server cannot process the request due to invalid syntax in the request., 403: Forbidden: Access denied, 404: Not found: asset not found, 429: Too many requests} @endpoint GET /api/v2/security/scanned-assets-metadata @desc List scanned assets metadata @optional {page[token]: str # Its value must come from the `links` section of the response of the first request. Do not manually edit it., page[number]: int(int64) # The page number to be retrieved. It should be equal to or greater than 1., filter[asset.type]: str # The type of the scanned asset., filter[asset.name]: str # The name of the scanned asset., filter[last_success.origin]: str # The origin of last success scan., filter[last_success.env]: str # The environment of last success scan.} @returns(200) {data: [map], links: map{first: str, last: str, next: str, previous: str, self: str}, meta: map{count: int(int64), token: str, total: int(int64)}} # OK @errors {400: Bad request: The server cannot process the request due to invalid syntax in the request., 403: Forbidden: Access denied, 404: Not found: asset not found, 429: Too many requests} @endpoint GET /api/v2/security/signals/notification_rules @desc Get the list of signal-based notification rules @returns(200) {data: [map]} # The list of notification rules. @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/security/signals/notification_rules @desc Create a new signal-based notification rule @optional {data: map{attributes!: map, type!: str} # Data of the notification rule create request: the rule type, and the rule attributes. All fields are required.} @returns(201) {data: map{attributes: map{created_at: int(int64), created_by: map{handle: str, name: str}, enabled: bool, modified_at: int(int64), modified_by: map{handle: str, name: str}, name: str, selectors: map{query: str, rule_types: [str], severities: [str], trigger_source: str}, targets: [str], time_aggregation: int(int64), version: int(int64)}, id: str, type: str}} # Successfully created the notification rule. @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/security/signals/notification_rules/{id} @desc Delete a signal-based notification rule @required {id: str # ID of the notification rule.} @returns(204) Rule successfully deleted. @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security/signals/notification_rules/{id} @desc Get details of a signal-based notification rule @required {id: str # ID of the notification rule.} @returns(200) {data: map{attributes: map{created_at: int(int64), created_by: map{handle: str, name: str}, enabled: bool, modified_at: int(int64), modified_by: map{handle: str, name: str}, name: str, selectors: map{query: str, rule_types: [str], severities: [str], trigger_source: str}, targets: [str], time_aggregation: int(int64), version: int(int64)}, id: str, type: str}} # Notification rule details. @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security/signals/notification_rules/{id} @desc Patch a signal-based notification rule @required {id: str # ID of the notification rule.} @optional {data: map{attributes!: map, id!: str, type!: str} # Data of the notification rule patch request: the rule ID, the rule type, and the rule attributes. All fields are required.} @returns(200) {data: map{attributes: map{created_at: int(int64), created_by: map{handle: str, name: str}, enabled: bool, modified_at: int(int64), modified_by: map{handle: str, name: str}, name: str, selectors: map{query: str, rule_types: [str], severities: [str], trigger_source: str}, targets: [str], time_aggregation: int(int64), version: int(int64)}, id: str, type: str}} # Notification rule successfully patched. @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 422: The server cannot process the request because it contains invalid data., 429: Too many requests} @endpoint GET /api/v2/security/vulnerabilities @desc List vulnerabilities @optional {page[token]: str # Its value must come from the `links` section of the response of the first request. Do not manually edit it., page[number]: int(int64) # The page number to be retrieved. It should be equal or greater than `1`, filter[type]: str # Filter by vulnerability type., filter[cvss.base.score][`$op`]: num(double) # Filter by vulnerability base (i.e. from the original advisory) severity score., filter[cvss.base.severity]: str # Filter by vulnerability base severity., filter[cvss.base.vector]: str # Filter by vulnerability base CVSS vector., filter[cvss.datadog.score][`$op`]: num(double) # Filter by vulnerability Datadog severity score., filter[cvss.datadog.severity]: str # Filter by vulnerability Datadog severity., filter[cvss.datadog.vector]: str # Filter by vulnerability Datadog CVSS vector., filter[status]: str # Filter by the status of the vulnerability., filter[tool]: str # Filter by the tool of the vulnerability., filter[library.name]: str # Filter by library name., filter[library.version]: str # Filter by library version., filter[advisory.id]: str # Filter by advisory ID., filter[risks.exploitation_probability]: bool # Filter by exploitation probability., filter[risks.poc_exploit_available]: bool # Filter by POC exploit availability., filter[risks.exploit_available]: bool # Filter by public exploit availability., filter[risks.epss.score][`$op`]: num(double) # Filter by vulnerability [EPSS](https://www.first.org/epss/) severity score., filter[risks.epss.severity]: str # Filter by vulnerability [EPSS](https://www.first.org/epss/) severity., filter[language]: str # Filter by language., filter[ecosystem]: str # Filter by ecosystem., filter[code_location.location]: str # Filter by vulnerability location., filter[code_location.file_path]: str # Filter by vulnerability file path., filter[code_location.method]: str # Filter by method., filter[fix_available]: bool # Filter by fix availability., filter[repo_digests]: str # Filter by vulnerability `repo_digest` (when the vulnerability is related to `Image` asset)., filter[origin]: str # Filter by origin., filter[running_kernel]: bool # Filter for whether the vulnerability affects a running kernel (for vulnerabilities related to a `Host` asset)., filter[asset.name]: str # Filter by asset name. This field supports the usage of wildcards (*)., filter[asset.type]: str # Filter by asset type., filter[asset.version.first]: str # Filter by the first version of the asset this vulnerability has been detected on., filter[asset.version.last]: str # Filter by the last version of the asset this vulnerability has been detected on., filter[asset.repository_url]: str # Filter by the repository url associated to the asset., filter[asset.risks.in_production]: bool # Filter whether the asset is in production or not., filter[asset.risks.under_attack]: bool # Filter whether the asset is under attack or not., filter[asset.risks.is_publicly_accessible]: bool # Filter whether the asset is publicly accessible or not., filter[asset.risks.has_privileged_access]: bool # Filter whether the asset is publicly accessible or not., filter[asset.risks.has_access_to_sensitive_data]: bool # Filter whether the asset has access to sensitive data or not., filter[asset.environments]: str # Filter by asset environments., filter[asset.teams]: str # Filter by asset teams., filter[asset.arch]: str # Filter by asset architecture., filter[asset.operating_system.name]: str # Filter by asset operating system name., filter[asset.operating_system.version]: str # Filter by asset operating system version.} @returns(200) {data: [map], links: map{first: str, last: str, next: str, previous: str, self: str}, meta: map{count: int(int64), token: str, total: int(int64)}} # OK @errors {400: Bad request: The server cannot process the request due to invalid syntax in the request., 403: Forbidden: Access denied, 404: Not found: There is no request associated with the provided token., 429: Too many requests} @endpoint GET /api/v2/security/vulnerabilities/notification_rules @desc Get the list of vulnerability notification rules @returns(200) {data: [map]} # The list of notification rules. @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/security/vulnerabilities/notification_rules @desc Create a new vulnerability-based notification rule @optional {data: map{attributes!: map, type!: str} # Data of the notification rule create request: the rule type, and the rule attributes. All fields are required.} @returns(201) {data: map{attributes: map{created_at: int(int64), created_by: map{handle: str, name: str}, enabled: bool, modified_at: int(int64), modified_by: map{handle: str, name: str}, name: str, selectors: map{query: str, rule_types: [str], severities: [str], trigger_source: str}, targets: [str], time_aggregation: int(int64), version: int(int64)}, id: str, type: str}} # Successfully created the notification rule. @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/security/vulnerabilities/notification_rules/{id} @desc Delete a vulnerability-based notification rule @required {id: str # ID of the notification rule.} @returns(204) Rule successfully deleted. @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security/vulnerabilities/notification_rules/{id} @desc Get details of a vulnerability notification rule @required {id: str # ID of the notification rule.} @returns(200) {data: map{attributes: map{created_at: int(int64), created_by: map{handle: str, name: str}, enabled: bool, modified_at: int(int64), modified_by: map{handle: str, name: str}, name: str, selectors: map{query: str, rule_types: [str], severities: [str], trigger_source: str}, targets: [str], time_aggregation: int(int64), version: int(int64)}, id: str, type: str}} # Notification rule details. @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security/vulnerabilities/notification_rules/{id} @desc Patch a vulnerability-based notification rule @required {id: str # ID of the notification rule.} @optional {data: map{attributes!: map, id!: str, type!: str} # Data of the notification rule patch request: the rule ID, the rule type, and the rule attributes. All fields are required.} @returns(200) {data: map{attributes: map{created_at: int(int64), created_by: map{handle: str, name: str}, enabled: bool, modified_at: int(int64), modified_by: map{handle: str, name: str}, name: str, selectors: map{query: str, rule_types: [str], severities: [str], trigger_source: str}, targets: [str], time_aggregation: int(int64), version: int(int64)}, id: str, type: str}} # Notification rule successfully patched. @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 422: The server cannot process the request because it contains invalid data., 429: Too many requests} @endpoint GET /api/v2/security/vulnerable-assets @desc List vulnerable assets @optional {page[token]: str # Its value must come from the `links` section of the response of the first request. Do not manually edit it., page[number]: int(int64) # The page number to be retrieved. It should be equal or greater than `1`, filter[name]: str # Filter by name. This field supports the usage of wildcards (*)., filter[type]: str # Filter by type., filter[version.first]: str # Filter by the first version of the asset since it has been vulnerable., filter[version.last]: str # Filter by the last detected version of the asset., filter[repository_url]: str # Filter by the repository url associated to the asset., filter[risks.in_production]: bool # Filter whether the asset is in production or not., filter[risks.under_attack]: bool # Filter whether the asset (Service) is under attack or not., filter[risks.is_publicly_accessible]: bool # Filter whether the asset (Host) is publicly accessible or not., filter[risks.has_privileged_access]: bool # Filter whether the asset (Host) has privileged access or not., filter[risks.has_access_to_sensitive_data]: bool # Filter whether the asset (Host) has access to sensitive data or not., filter[environments]: str # Filter by environment., filter[teams]: str # Filter by teams., filter[arch]: str # Filter by architecture., filter[operating_system.name]: str # Filter by operating system name., filter[operating_system.version]: str # Filter by operating system version.} @returns(200) {data: [map], links: map{first: str, last: str, next: str, previous: str, self: str}, meta: map{count: int(int64), token: str, total: int(int64)}} # OK @errors {400: Bad request: The server cannot process the request due to invalid syntax in the request., 403: Forbidden: Access denied, 404: Not found: There is no request associated with the provided token., 429: Too many requests} @endpoint GET /api/v2/security_monitoring/cloud_workload_security/agent_rules @desc Get all Workload Protection agent rules (US1-FED) @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/cloud_workload_security/agent_rules @desc Create a Workload Protection agent rule (US1-FED) @required {data: map{attributes!: map, type!: str} # Object for a single Agent rule} @returns(200) {data: map{attributes: map{actions: [map]?, agentConstraint: str, blocking: [str], category: str, creationAuthorUuId: str, creationDate: int(int64), creator: map{handle: str, name: str?}, defaultRule: bool, description: str, disabled: [str], enabled: bool, expression: str, filters: [str], monitoring: [str], name: str, product_tags: [str], silent: bool, updateAuthorUuId: str, updateDate: int(int64), updatedAt: int(int64), updater: map{handle: str, name: str?}, version: int(int64)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/security_monitoring/cloud_workload_security/agent_rules/{agent_rule_id} @desc Delete a Workload Protection agent rule (US1-FED) @required {agent_rule_id: str # The ID of the Agent rule} @returns(204) OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/cloud_workload_security/agent_rules/{agent_rule_id} @desc Get a Workload Protection agent rule (US1-FED) @required {agent_rule_id: str # The ID of the Agent rule} @returns(200) {data: map{attributes: map{actions: [map]?, agentConstraint: str, blocking: [str], category: str, creationAuthorUuId: str, creationDate: int(int64), creator: map{handle: str, name: str?}, defaultRule: bool, description: str, disabled: [str], enabled: bool, expression: str, filters: [str], monitoring: [str], name: str, product_tags: [str], silent: bool, updateAuthorUuId: str, updateDate: int(int64), updatedAt: int(int64), updater: map{handle: str, name: str?}, version: int(int64)}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security_monitoring/cloud_workload_security/agent_rules/{agent_rule_id} @desc Update a Workload Protection agent rule (US1-FED) @required {agent_rule_id: str # The ID of the Agent rule, data: map{attributes!: map, id: str, type!: str} # Object for a single Agent rule} @returns(200) {data: map{attributes: map{actions: [map]?, agentConstraint: str, blocking: [str], category: str, creationAuthorUuId: str, creationDate: int(int64), creator: map{handle: str, name: str?}, defaultRule: bool, description: str, disabled: [str], enabled: bool, expression: str, filters: [str], monitoring: [str], name: str, product_tags: [str], silent: bool, updateAuthorUuId: str, updateDate: int(int64), updatedAt: int(int64), updater: map{handle: str, name: str?}, version: int(int64)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 409: Concurrent Modification, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/configuration/critical_assets @desc Get all critical assets @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/configuration/critical_assets @desc Create a critical asset @required {data: map{attributes!: map, type!: str} # Object for a single critical asset.} @returns(200) {data: map{attributes: map{creation_author_id: int(int64), creation_date: int(int64), creator: map{handle: str, name: str?}, enabled: bool, query: str, rule_query: str, severity: str, tags: [str], update_author_id: int(int64), update_date: int(int64), updater: map{handle: str, name: str?}, version: int(int32)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id} @desc Get critical assets affecting a specific rule @required {rule_id: str # The ID of the rule.} @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} @desc Delete a critical asset @required {critical_asset_id: str # The ID of the critical asset.} @returns(204) OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} @desc Get a critical asset @required {critical_asset_id: str # The ID of the critical asset.} @returns(200) {data: map{attributes: map{creation_author_id: int(int64), creation_date: int(int64), creator: map{handle: str, name: str?}, enabled: bool, query: str, rule_query: str, severity: str, tags: [str], update_author_id: int(int64), update_date: int(int64), updater: map{handle: str, name: str?}, version: int(int32)}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id} @desc Update a critical asset @required {critical_asset_id: str # The ID of the critical asset., data: map{attributes!: map, type!: str} # The new critical asset properties; partial updates are supported.} @returns(200) {data: map{attributes: map{creation_author_id: int(int64), creation_date: int(int64), creator: map{handle: str, name: str?}, enabled: bool, query: str, rule_query: str, severity: str, tags: [str], update_author_id: int(int64), update_date: int(int64), updater: map{handle: str, name: str?}, version: int(int32)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 409: Concurrent Modification, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/configuration/security_filters @desc Get all security filters @returns(200) {data: [map], meta: map{warning: str}} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/configuration/security_filters @desc Create a security filter @required {data: map{attributes!: map, type!: str} # Object for a single security filter.} @returns(200) {data: map{attributes: map{exclusion_filters: [map], filtered_data_type: str, is_builtin: bool, is_enabled: bool, name: str, query: str, version: int(int32)}, id: str, type: str}, meta: map{warning: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/security_monitoring/configuration/security_filters/{security_filter_id} @desc Delete a security filter @required {security_filter_id: str # The ID of the security filter.} @returns(204) OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/configuration/security_filters/{security_filter_id} @desc Get a security filter @required {security_filter_id: str # The ID of the security filter.} @returns(200) {data: map{attributes: map{exclusion_filters: [map], filtered_data_type: str, is_builtin: bool, is_enabled: bool, name: str, query: str, version: int(int32)}, id: str, type: str}, meta: map{warning: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security_monitoring/configuration/security_filters/{security_filter_id} @desc Update a security filter @required {security_filter_id: str # The ID of the security filter., data: map{attributes!: map, type!: str} # The new security filter properties.} @returns(200) {data: map{attributes: map{exclusion_filters: [map], filtered_data_type: str, is_builtin: bool, is_enabled: bool, name: str, query: str, version: int(int32)}, id: str, type: str}, meta: map{warning: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 409: Concurrent Modification, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/configuration/suppressions @desc Get all suppression rules @optional {query: str # Query string., sort: str # Attribute used to sort the list of suppression rules. Prefix with `-` to sort in descending order., page[size]: int(int64)=-1 # Size for a given page. Use `-1` to return all items., page[number]: int(int64)=0 # Specific page number to return.} @returns(200) {data: [map], meta: map{page: map{pageNumber: int(int64), pageSize: int(int64), totalCount: int(int64)}}} # OK @errors {403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/configuration/suppressions @desc Create a suppression rule @required {data: map{attributes!: map, type!: str} # Object for a single suppression rule.} @returns(200) {data: map{attributes: map{creation_date: int(int64), creator: map{handle: str, name: str?}, data_exclusion_query: str, description: str, editable: bool, enabled: bool, expiration_date: int(int64), name: str, rule_query: str, start_date: int(int64), suppression_query: str, tags: [str], update_date: int(int64), updater: map{handle: str, name: str?}, version: int(int32)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 409: Conflict, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/configuration/suppressions/rules @desc Get suppressions affecting future rule @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/configuration/suppressions/rules/{rule_id} @desc Get suppressions affecting a specific rule @required {rule_id: str # The ID of the rule.} @returns(200) {data: [map]} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/configuration/suppressions/validation @desc Validate a suppression rule @required {data: map{attributes!: map, type!: str} # Object for a single suppression rule.} @returns(204) OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint DELETE /api/v2/security_monitoring/configuration/suppressions/{suppression_id} @desc Delete a suppression rule @required {suppression_id: str # The ID of the suppression rule} @returns(204) OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/configuration/suppressions/{suppression_id} @desc Get a suppression rule @required {suppression_id: str # The ID of the suppression rule} @returns(200) {data: map{attributes: map{creation_date: int(int64), creator: map{handle: str, name: str?}, data_exclusion_query: str, description: str, editable: bool, enabled: bool, expiration_date: int(int64), name: str, rule_query: str, start_date: int(int64), suppression_query: str, tags: [str], update_date: int(int64), updater: map{handle: str, name: str?}, version: int(int32)}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security_monitoring/configuration/suppressions/{suppression_id} @desc Update a suppression rule @required {suppression_id: str # The ID of the suppression rule, data: map{attributes!: map, type!: str} # The new suppression properties; partial updates are supported.} @returns(200) {data: map{attributes: map{creation_date: int(int64), creator: map{handle: str, name: str?}, data_exclusion_query: str, description: str, editable: bool, enabled: bool, expiration_date: int(int64), name: str, rule_query: str, start_date: int(int64), suppression_query: str, tags: [str], update_date: int(int64), updater: map{handle: str, name: str?}, version: int(int32)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 409: Concurrent Modification, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/configuration/suppressions/{suppression_id}/version_history @desc Get a suppression's version history @required {suppression_id: str # The ID of the suppression rule} @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return.} @returns(200) {data: map{attributes: map{count: int(int32), data: map}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/content_packs/states @desc Get content pack states @returns(200) {data: [map], meta: map{cloud_siem_index_incorrect: bool, sku: str}} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/security_monitoring/content_packs/{content_pack_id}/activate @desc Activate content pack @required {content_pack_id: str # The ID of the content pack to activate.} @returns(202) Accepted @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate @desc Deactivate content pack @required {content_pack_id: str # The ID of the content pack to deactivate.} @returns(202) Accepted @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/rules @desc List rules @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., query: str # A search query to filter security rules. You can filter by attributes such as `type`, `source`, `tags`., sort: str # Attribute used to sort rules. Prefix with `-` to sort in descending order.} @returns(200) {data: [any], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/rules @desc Create a detection rule @returns(200) OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/rules/bulk_export @desc Bulk export security monitoring rules @required {data: map{attributes!: map, id: str, type!: str} # Data for bulk exporting security monitoring rules.} @returns(200) OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/rules/convert @desc Convert a rule from JSON to Terraform @returns(200) {ruleId: str, terraformContent: str} # OK @errors {400: Bad Request, 401: Concurrent Modification, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/rules/test @desc Test a rule @optional {rule: any # Test a rule., ruleQueryPayloads: [map{expectedResult: bool, index: int(int64), payload: map}] # Data payloads used to test rules query with the expected result.} @returns(200) {results: [bool]} # OK @errors {400: Bad Request, 401: Concurrent Modification, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/rules/validation @desc Validate a detection rule @returns(204) OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint DELETE /api/v2/security_monitoring/rules/{rule_id} @desc Delete an existing rule @required {rule_id: str # The ID of the rule.} @returns(204) OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/rules/{rule_id} @desc Get a rule's details @required {rule_id: str # The ID of the rule.} @returns(200) OK @errors {404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/security_monitoring/rules/{rule_id} @desc Update an existing rule @required {rule_id: str # The ID of the rule.} @optional {calculatedFields: [map{expression!: str, name!: str}] # Calculated fields. Only allowed for scheduled rules - in other words, when schedulingOptions is also defined., cases: [map{actions: [map], condition: str, customStatus: str, name: str, notifications: [str], status: str}] # Cases for generating signals., complianceSignalOptions: map{defaultActivationStatus: bool, defaultGroupByFields: [str], userActivationStatus: bool, userGroupByFields: [str]} # How to generate compliance signals. Useful for cloud_configuration rules only., customMessage: str # Custom/Overridden Message for generated signals (used in case of Default rule update)., customName: str # Custom/Overridden name (used in case of Default rule update)., filters: [map{action: str, query: str}] # Additional queries to filter matched events before they are processed. This field is deprecated for log detection, signal correlation, and workload security rules., groupSignalsBy: [str] # Additional grouping to perform on top of the existing groups in the query section. Must be a subset of the existing groups., hasExtendedTitle: bool # Whether the notifications include the triggering group-by values in their title., isEnabled: bool # Whether the rule is enabled., message: str # Message for generated signals., name: str # Name of the rule., options: map{anomalyDetectionOptions: map, complianceRuleOptions: map, decreaseCriticalityBasedOnEnv: bool, detectionMethod: str, evaluationWindow: int(int32), hardcodedEvaluatorType: str, impossibleTravelOptions: map, keepAlive: int(int32), maxSignalDuration: int(int32), newValueOptions: map, sequenceDetectionOptions: map, thirdPartyRuleOptions: map} # Options., queries: [any] # Queries for selecting logs which are part of the rule., referenceTables: [map{checkPresence: bool, columnName: str, logFieldPath: str, ruleQueryName: str, tableName: str}] # Reference tables for the rule., schedulingOptions: map{rrule: str, start: str, timezone: str} # Options for scheduled rules. When this field is present, the rule runs based on the schedule. When absent, it runs real-time on ingested logs., tags: [str] # Tags for generated signals., thirdPartyCases: [map{customStatus: str, name: str, notifications: [str], query: str, status: str}] # Cases for generating signals from third-party rules. Only available for third-party rules., version: int(int32) # The version of the rule being updated.} @returns(200) OK @errors {400: Bad Request, 401: Concurrent Modification, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/rules/{rule_id}/convert @desc Convert an existing rule from JSON to Terraform @required {rule_id: str # The ID of the rule.} @returns(200) {ruleId: str, terraformContent: str} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/rules/{rule_id}/test @desc Test an existing rule @required {rule_id: str # The ID of the rule.} @optional {rule: any # Test a rule., ruleQueryPayloads: [map{expectedResult: bool, index: int(int64), payload: map}] # Data payloads used to test rules query with the expected result.} @returns(200) {results: [bool]} # OK @errors {400: Bad Request, 401: Concurrent Modification, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/rules/{rule_id}/version_history @desc Get a rule's version history @required {rule_id: str # The ID of the rule.} @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return.} @returns(200) {data: map{attributes: map{count: int(int32), data: map}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/signals @desc Get a quick list of security signals @optional {filter[query]: str # The search query for security signals., filter[from]: str(date-time) # The minimum timestamp for requested security signals., filter[to]: str(date-time) # The maximum timestamp for requested security signals., sort: str # The order of the security signals in results., page[cursor]: str # A list of results using the cursor provided in the previous query., page[limit]: int(int32)=10 # The maximum number of security signals in the response.} @returns(200) {data: [map], links: map{next: str}, meta: map{page: map{after: str}}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint PATCH /api/v2/security_monitoring/signals/bulk/assignee @desc Bulk update triage assignee of security signals @required {data: [map{attributes!: map, id!: str, type: str}] # An array of signal assignee updates.} @returns(200) {result: map{count: int(int64), events: [map]}, status: str, type: str} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint PATCH /api/v2/security_monitoring/signals/bulk/state @desc Bulk update triage state of security signals @required {data: [map{attributes!: map, id!: str, type: str}] # An array of signal state updates.} @returns(200) {result: map{count: int(int64), events: [map]}, status: str, type: str} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/security_monitoring/signals/search @desc Get a list of security signals @optional {filter: map{from: str(date-time), query: str, to: str(date-time)} # Search filters for listing security signals., page: map{cursor: str, limit: int(int32)} # The paging attributes for listing security signals., sort: str(timestamp/-timestamp) # The sort parameters used for querying security signals.} @returns(200) {data: [map], links: map{next: str}, meta: map{page: map{after: str}}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/security_monitoring/signals/{signal_id} @desc Get a signal's details @required {signal_id: str # The ID of the signal.} @returns(200) {data: map{attributes: map{custom: map, message: str, tags: [str], timestamp: str(date-time)}, id: str, type: str}} # OK @errors {403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security_monitoring/signals/{signal_id}/assignee @desc Modify the triage assignee of a security signal @required {signal_id: str # The ID of the signal., data: map{attributes!: map} # Data containing the patch for changing the assignee of a signal.} @returns(200) {data: map{attributes: map{archive_comment: str, archive_comment_timestamp: int(int64), archive_comment_user: map{handle: str, icon: str, id: int(int64), name: str?, uuid: str}, archive_reason: str, assignee: map{handle: str, icon: str, id: int(int64), name: str?, uuid: str}, incident_ids: [int(int64)], state: str, state_update_timestamp: int(int64), state_update_user: map{handle: str, icon: str, id: int(int64), name: str?, uuid: str}}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security_monitoring/signals/{signal_id}/incidents @desc Change the related incidents of a security signal @required {signal_id: str # The ID of the signal., data: map{attributes!: map} # Data containing the patch for changing the related incidents of a signal.} @returns(200) {data: map{attributes: map{archive_comment: str, archive_comment_timestamp: int(int64), archive_comment_user: map{handle: str, icon: str, id: int(int64), name: str?, uuid: str}, archive_reason: str, assignee: map{handle: str, icon: str, id: int(int64), name: str?, uuid: str}, incident_ids: [int(int64)], state: str, state_update_timestamp: int(int64), state_update_user: map{handle: str, icon: str, id: int(int64), name: str?, uuid: str}}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/security_monitoring/signals/{signal_id}/state @desc Change the triage state of a security signal @required {signal_id: str # The ID of the signal., data: map{attributes!: map, id: any, type: str} # Data containing the patch for changing the state of a signal.} @returns(200) {data: map{attributes: map{archive_comment: str, archive_comment_timestamp: int(int64), archive_comment_user: map{handle: str, icon: str, id: int(int64), name: str?, uuid: str}, archive_reason: str, assignee: map{handle: str, icon: str, id: int(int64), name: str?, uuid: str}, incident_ids: [int(int64)], state: str, state_update_timestamp: int(int64), state_update_user: map{handle: str, icon: str, id: int(int64), name: str?, uuid: str}}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/sensitive-data-scanner/config @desc List Scanning Groups @returns(200) {data: map{attributes: map, id: str, relationships: map{groups: map{data: [map]}}, type: str}, included: [any], meta: map{count_limit: int(int64), group_count_limit: int(int64), has_highlight_enabled: bool, has_multi_pass_enabled: bool, is_pci_compliant: bool, version: int(int64)}} # OK @errors {400: Bad Request, 403: Authentication Error, 429: Too many requests} @endpoint PATCH /api/v2/sensitive-data-scanner/config @desc Reorder Groups @required {data: map{id: str, relationships: map, type: str} # Data related to the reordering of scanning groups., meta: map{version: int(int64)} # Meta payload containing information about the API.} @returns(200) {meta: map{count_limit: int(int64), group_count_limit: int(int64), has_highlight_enabled: bool, has_multi_pass_enabled: bool, is_pci_compliant: bool, version: int(int64)}} # OK @errors {400: Bad Request, 403: Authentication Error, 429: Too many requests} @endpoint POST /api/v2/sensitive-data-scanner/config/groups @desc Create Scanning Group @optional {data: map{attributes!: map, relationships: map, type!: str} # Data related to the creation of a group., meta: map{version: int(int64)} # Meta payload containing information about the API.} @returns(201) {data: map{attributes: map{description: str, filter: map{query: str}, is_enabled: bool, name: str, product_list: [str], samplings: [map]}, id: str, relationships: map{configuration: map{data: map}, rules: map{data: [map]}}, type: str}, meta: map{version: int(int64)}} # OK @errors {400: Bad Request, 403: Authentication Error, 429: Too many requests} @endpoint DELETE /api/v2/sensitive-data-scanner/config/groups/{group_id} @desc Delete Scanning Group @required {group_id: str # The ID of a group of rules., meta: map{version: int(int64)} # Meta payload containing information about the API.} @returns(200) {meta: map{version: int(int64)}} # OK @errors {400: Bad Request, 403: Authentication Error, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/sensitive-data-scanner/config/groups/{group_id} @desc Update Scanning Group @required {group_id: str # The ID of a group of rules., data: map{attributes: map, id: str, relationships: map, type: str} # Data related to the update of a group., meta: map{version: int(int64)} # Meta payload containing information about the API.} @returns(200) {meta: map{version: int(int64)}} # OK @errors {400: Bad Request, 403: Authentication Error, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/sensitive-data-scanner/config/rules @desc Create Scanning Rule @required {data: map{attributes!: map, relationships!: map, type!: str} # Data related to the creation of a rule., meta: map{version: int(int64)} # Meta payload containing information about the API.} @returns(201) {data: map{attributes: map{description: str, excluded_namespaces: [str], included_keyword_configuration: map{character_count: int(int64), keywords: [str], use_recommended_keywords: bool}, is_enabled: bool, name: str, namespaces: [str], pattern: str, priority: int(int64), suppressions: map{ends_with: [str], exact_match: [str], starts_with: [str]}, tags: [str], text_replacement: map{number_of_chars: int(int64), replacement_string: str, should_save_match: bool, type: str}}, id: str, relationships: map{group: map{data: map}, standard_pattern: map{data: map}}, type: str}, meta: map{version: int(int64)}} # OK @errors {400: Bad Request, 403: Authentication Error, 429: Too many requests} @endpoint DELETE /api/v2/sensitive-data-scanner/config/rules/{rule_id} @desc Delete Scanning Rule @required {rule_id: str # The ID of the rule., meta: map{version: int(int64)} # Meta payload containing information about the API.} @returns(200) {meta: map{version: int(int64)}} # OK @errors {400: Bad Request, 403: Authentication Error, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/sensitive-data-scanner/config/rules/{rule_id} @desc Update Scanning Rule @required {rule_id: str # The ID of the rule., data: map{attributes: map, id: str, relationships: map, type: str} # Data related to the update of a rule., meta: map{version: int(int64)} # Meta payload containing information about the API.} @returns(200) {meta: map{version: int(int64)}} # OK @errors {400: Bad Request, 403: Authentication Error, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/sensitive-data-scanner/config/standard-patterns @desc List standard patterns @returns(200) {data: [map]} # OK @errors {400: Bad Request, 403: Authentication Error, 429: Too many requests} @endpoint POST /api/v2/series @desc Submit metrics @required {series: [map{interval: int(int64), metadata: map, metric!: str, points!: [map], resources: [map], source_type_name: str, tags: [str], type: int(int32), unit: str}] # A list of timeseries to submit to Datadog.} @optional {Content-Encoding: str # HTTP header used to compress the media-type.} @returns(202) {errors: [str]} # Payload accepted @errors {400: Bad Request, 403: Authentication error, 408: Request timeout, 413: Payload too large, 429: Too many requests} @endpoint POST /api/v2/service_accounts @desc Create a service account @required {data: map{attributes!: map, relationships: map, type!: str} # Object to create a service account User.} @returns(201) {data: map{attributes: map{created_at: str(date-time), disabled: bool, email: str, handle: str, icon: str, last_login_time: str(date-time)?, mfa_enabled: bool, modified_at: str(date-time), name: str?, service_account: bool, status: str, title: str?, verified: bool}, id: str, relationships: map{org: map{data: map}, other_orgs: map{data: [map]}, other_users: map{data: [map]}, roles: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Authentication error, 429: Too many requests} @endpoint GET /api/v2/service_accounts/{service_account_id}/application_keys @desc List application keys for this service account @required {service_account_id: str # The ID of the service account.} @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort: str # Application key attribute used to sort results. Sort order is ascending by default. In order to specify a descending sort, prefix the attribute with a minus sign., filter: str # Filter application keys by the specified string., filter[created_at][start]: str # Only include application keys created on or after the specified date., filter[created_at][end]: str # Only include application keys created on or before the specified date.} @returns(200) {data: [map], included: [any], meta: map{max_allowed_per_user: int(int64), page: map{total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/service_accounts/{service_account_id}/application_keys @desc Create an application key for this service account @required {service_account_id: str # The ID of the service account., data: map{attributes!: map, type!: str} # Object used to create an application key.} @returns(201) {data: map{attributes: map{created_at: str(date-time), key: str, last4: str, last_used_at: str(date-time)?, name: str, scopes: [str]?}, id: str, relationships: map{owned_by: map{data: map}}, type: str}, included: [any]} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/service_accounts/{service_account_id}/application_keys/{app_key_id} @desc Delete an application key for this service account @required {service_account_id: str # The ID of the service account., app_key_id: str # The ID of the application key.} @returns(204) No Content @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/service_accounts/{service_account_id}/application_keys/{app_key_id} @desc Get one application key for this service account @required {service_account_id: str # The ID of the service account., app_key_id: str # The ID of the application key.} @returns(200) {data: map{attributes: map{created_at: str, last4: str, last_used_at: str?, name: str, scopes: [str]?}, id: str, relationships: map{owned_by: map{data: map}}, type: str}, included: [any]} # OK @errors {403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/service_accounts/{service_account_id}/application_keys/{app_key_id} @desc Edit an application key for this service account @required {service_account_id: str # The ID of the service account., app_key_id: str # The ID of the application key., data: map{attributes!: map, id!: str, type!: str} # Object used to update an application key.} @returns(200) {data: map{attributes: map{created_at: str, last4: str, last_used_at: str?, name: str, scopes: [str]?}, id: str, relationships: map{owned_by: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/services @desc Get a list of all incident services @optional {include: str # Specifies which types of related objects should be included in the response., page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page., filter: str # A search query that filters services by name.} @returns(200) {data: [map], included: [any], meta: map{pagination: map{next_offset: int(int64), offset: int(int64), size: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/services @desc Create a new incident service @required {data: map{attributes: map, relationships: map, type!: str} # Incident Service payload for create requests.} @returns(201) {data: map{attributes: map{created: str(date-time), modified: str(date-time), name: str}, id: str, relationships: map{created_by: map{data: map}, last_modified_by: map{data: map}}, type: str}, included: [any]} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/services/definitions @desc Get all service definitions @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., schema_version: str # The schema version desired in the response.} @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/services/definitions @desc Create or update service definition @returns(200) {data: [map]} # CREATED @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/services/definitions/{service_name} @desc Delete a single service definition @required {service_name: str # The name of the service.} @returns(204) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/services/definitions/{service_name} @desc Get a single service definition @required {service_name: str # The name of the service.} @optional {schema_version: str # The schema version desired in the response.} @returns(200) {data: map{attributes: map{meta: map{github-html-url: str, ingested-schema-version: str, ingestion-source: str, last-modified-time: str, origin: str, origin-detail: str, warnings: [map]}, schema: any}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/services/{service_id} @desc Delete an existing incident service @required {service_id: str # The ID of the incident service.} @returns(204) OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/services/{service_id} @desc Get details of an incident service @required {service_id: str # The ID of the incident service.} @optional {include: str # Specifies which types of related objects should be included in the response.} @returns(200) {data: map{attributes: map{created: str(date-time), modified: str(date-time), name: str}, id: str, relationships: map{created_by: map{data: map}, last_modified_by: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/services/{service_id} @desc Update an existing incident service @required {service_id: str # The ID of the incident service., data: map{attributes: map, id: str, relationships: map, type!: str} # Incident Service payload for update requests.} @returns(200) {data: map{attributes: map{created: str(date-time), modified: str(date-time), name: str}, id: str, relationships: map{created_by: map{data: map}, last_modified_by: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/siem-threat-hunting/histsignals @desc List hist signals @optional {filter[query]: str # The search query for security signals., filter[from]: str(date-time) # The minimum timestamp for requested security signals., filter[to]: str(date-time) # The maximum timestamp for requested security signals., sort: str # The order of the security signals in results., page[cursor]: str # A list of results using the cursor provided in the previous query., page[limit]: int(int32)=10 # The maximum number of security signals in the response.} @returns(200) {data: [map], links: map{next: str}, meta: map{page: map{after: str}}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/siem-threat-hunting/histsignals/search @desc Search hist signals @optional {filter: map{from: str(date-time), query: str, to: str(date-time)} # Search filters for listing security signals., page: map{cursor: str, limit: int(int32)} # The paging attributes for listing security signals., sort: str(timestamp/-timestamp) # The sort parameters used for querying security signals.} @returns(200) {data: [map], links: map{next: str}, meta: map{page: map{after: str}}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/siem-threat-hunting/histsignals/{histsignal_id} @desc Get a hist signal's details @required {histsignal_id: str # The ID of the threat hunting signal.} @returns(200) {data: map{attributes: map{custom: map, message: str, tags: [str], timestamp: str(date-time)}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/siem-threat-hunting/jobs @desc List threat hunting jobs @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort: str # The order of the jobs in results., filter[query]: str # Query used to filter items from the fetched list.} @returns(200) {data: [map], meta: map{totalCount: int(int32)}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/siem-threat-hunting/jobs @desc Run a threat hunting job @optional {data: map{attributes: map, type: str} # Data for running a threat hunting job request.} @returns(201) {data: map{id: str, type: str}} # Status created @errors {400: Bad Request, 401: Concurrent Modification, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/siem-threat-hunting/jobs/signal_convert @desc Convert a job result to a signal @optional {data: map{attributes: map, type: str} # Data for converting threat hunting job results to signals.} @returns(204) OK @errors {400: Bad Request, 401: Concurrent Modification, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/siem-threat-hunting/jobs/{job_id} @desc Delete an existing job @required {job_id: str # The ID of the job.} @returns(204) OK @errors {400: Bad Request, 401: Concurrent Modification, 403: Not Authorized, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/siem-threat-hunting/jobs/{job_id} @desc Get a job's details @required {job_id: str # The ID of the job.} @returns(200) {data: map{attributes: map{createdAt: str, createdByHandle: str, createdByName: str, createdFromRuleId: str, jobDefinition: map{calculatedFields: [map], cases: [map], from: int(int64), groupSignalsBy: [str], index: str, message: str, name: str, options: map, queries: [map], referenceTables: [map], tags: [str], thirdPartyCases: [map], to: int(int64), type: str}, jobName: str, jobStatus: str, modifiedAt: str, signalOutput: bool}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/siem-threat-hunting/jobs/{job_id}/cancel @desc Cancel a threat hunting job @required {job_id: str # The ID of the job.} @returns(204) OK @errors {400: Bad Request, 401: Concurrent Modification, 403: Not Authorized, 404: Not Found, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/siem-threat-hunting/jobs/{job_id}/histsignals @desc Get a job's hist signals @required {job_id: str # The ID of the job.} @optional {filter[query]: str # The search query for security signals., filter[from]: str(date-time) # The minimum timestamp for requested security signals., filter[to]: str(date-time) # The maximum timestamp for requested security signals., sort: str # The order of the security signals in results., page[cursor]: str # A list of results using the cursor provided in the previous query., page[limit]: int(int32)=10 # The maximum number of security signals in the response.} @returns(200) {data: [map], links: map{next: str}, meta: map{page: map{after: str}}} # OK @errors {400: Bad Request, 403: Not Authorized, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/slo/report @desc Create a new SLO report @required {data: map{attributes!: map} # The data portion of the SLO report request.} @returns(200) {data: map{id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/slo/report/{report_id}/download @desc Get SLO report @required {report_id: str # The ID of the report job.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/slo/report/{report_id}/status @desc Get SLO report status @required {report_id: str # The ID of the report job.} @returns(200) {data: map{attributes: map{status: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/slo/{slo_id}/status @desc Get SLO status @required {slo_id: str # The ID of the SLO., from_ts: int(int64) # The starting timestamp for the SLO status query in epoch seconds., to_ts: int(int64) # The ending timestamp for the SLO status query in epoch seconds.} @optional {disable_corrections: bool=false # Whether to exclude correction windows from the SLO status calculation. Defaults to false.} @returns(200) {data: map{attributes: map{error_budget_remaining: num(double), raw_error_budget_remaining: map{unit: str, value: num(double)}, sli: num(double), span_precision: int(int64), state: str}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/spa/recommendations/{service} @desc Get SPA Recommendations @required {service: str # The service name for a spark job.} @optional {bypass_cache: str # The recommendation service should not use its metrics cache.} @returns(200) {data: map{attributes: map{confidence_level: num(double), driver: map{estimation: map}, executor: map{estimation: map}}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/spa/recommendations/{service}/{shard} @desc Get SPA Recommendations with a shard parameter @required {shard: str # The shard tag for a spark job, which differentiates jobs within the same service that have different resource needs, service: str # The service name for a spark job} @optional {bypass_cache: str # The recommendation service should not use its metrics cache.} @returns(200) {data: map{attributes: map{confidence_level: num(double), driver: map{estimation: map}, executor: map{estimation: map}}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/spans/analytics/aggregate @desc Aggregate spans @optional {data: map{attributes: map, type: str} # The object containing the query content.} @returns(200) {data: [map], meta: map{elapsed: int(int64), request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/spans/events @desc Get a list of spans @optional {filter[query]: str # Search query following spans syntax., filter[from]: str # Minimum timestamp for requested spans. Supports date-time ISO8601, date math, and regular timestamps (milliseconds)., filter[to]: str # Maximum timestamp for requested spans. Supports date-time ISO8601, date math, and regular timestamps (milliseconds)., sort: str # Order of spans in results., page[cursor]: str # List following results with a cursor provided in the previous query., page[limit]: int(int32)=10 # Maximum number of spans in the response.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request., 403: Forbidden: Access denied., 422: Unprocessable Entity., 429: Too many requests: The rate limit set by the API has been exceeded.} @endpoint POST /api/v2/spans/events/search @desc Search spans @optional {data: map{attributes: map, type: str} # The object containing the query content.} @returns(200) {data: [map], links: map{next: str}, meta: map{elapsed: int(int64), page: map{after: str}, request_id: str, status: str, warnings: [map]}} # OK @errors {400: Bad Request., 403: Forbidden: Access denied., 422: Unprocessable Entity., 429: Too many requests: The rate limit set by the API has been exceeded.} @endpoint POST /api/v2/static-analysis-sca/dependencies @desc Post dependencies for analysis @optional {data: map{attributes: map, id: str, type!: str} # The data object in an SCA request, containing the dependency graph attributes and request type.} @returns(200) OK @errors {429: Too many requests} @endpoint POST /api/v2/static-analysis-sca/vulnerabilities/resolve-vulnerable-symbols @desc POST request to resolve vulnerable symbols @optional {data: map{attributes: map, id: str, type!: str} # The data object in a request to resolve vulnerable symbols, containing the package PURLs and request type.} @returns(200) {data: map{attributes: map{results: [map]}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint DELETE /api/v2/static-analysis/custom/rulesets/{ruleset_name} @desc Delete Custom Ruleset @required {ruleset_name: str # The ruleset name} @returns(200) Successfully deleted @errors {400: Bad request, 401: Unauthorized - custom rules not enabled, 404: Ruleset not found, 429: Too many requests} @endpoint GET /api/v2/static-analysis/custom/rulesets/{ruleset_name} @desc Show Custom Ruleset @required {ruleset_name: str # The ruleset name} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: str, description: str, name: str, rules: [map]?, short_description: str}, id: str, type: str}} # Successful response @errors {400: Bad request, 401: Unauthorized - custom rules not enabled, 404: Ruleset not found, 429: Too many requests} @endpoint PATCH /api/v2/static-analysis/custom/rulesets/{ruleset_name} @desc Update Custom Ruleset @required {ruleset_name: str # The ruleset name} @optional {data: map{attributes: map, id: str, type: str} # Data object for a custom ruleset create or update request.} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: str, description: str, name: str, rules: [map]?, short_description: str}, id: str, type: str}} # Successfully updated @errors {400: Bad request, 401: Unauthorized - custom rules not enabled, 412: Precondition failed - validation error or ruleset not found, 429: Too many requests} @endpoint PUT /api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules @desc Create Custom Rule @required {ruleset_name: str # The ruleset name} @optional {data: map{attributes: map, id: str, type: str} # Data object for a custom rule create or update request.} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: str, last_revision: map{attributes: map, id: str, type: str}, name: str}, id: str, type: str}} # Successfully created @errors {400: Bad request, 401: Unauthorized - custom rules not enabled, 409: Conflict - rule already exists, 412: Precondition failed - validation error or ruleset not found, 429: Too many requests} @endpoint DELETE /api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules/{rule_name} @desc Delete Custom Rule @required {ruleset_name: str # The ruleset name, rule_name: str # The rule name} @returns(200) Successfully deleted @errors {400: Bad request, 401: Unauthorized - custom rules not enabled, 404: Rule not found, 429: Too many requests} @endpoint GET /api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules/{rule_name} @desc Show Custom Rule @required {ruleset_name: str # The ruleset name, rule_name: str # The rule name} @returns(200) {data: map{attributes: map{created_at: str(date-time), created_by: str, last_revision: map{attributes: map, id: str, type: str}, name: str}, id: str, type: str}} # Successful response @errors {400: Bad request, 401: Unauthorized - custom rules not enabled, 404: Rule not found, 429: Too many requests} @endpoint GET /api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules/{rule_name}/revisions @desc List Custom Rule Revisions @required {ruleset_name: str # The ruleset name, rule_name: str # The rule name} @optional {page[offset]: int=0 # Pagination offset, page[limit]: int=10 # Pagination limit} @returns(200) {data: [map]} # Successful response @errors {400: Bad request, 401: Unauthorized - custom rules not enabled, 404: Rule not found, 429: Too many requests} @endpoint PUT /api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules/{rule_name}/revisions @desc Create Custom Rule Revision @required {ruleset_name: str # The ruleset name, rule_name: str # The rule name} @optional {data: map{attributes: map, id: str, type: str} # Data object for a custom rule revision create request.} @returns(200) Successfully created @errors {400: Bad request, 401: Unauthorized - custom rules not enabled, 404: Rule not found, 429: Too many requests} @endpoint POST /api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules/{rule_name}/revisions/revert @desc Revert Custom Rule Revision @required {ruleset_name: str # The ruleset name, rule_name: str # The rule name} @optional {data: map{attributes: map, id: str, type: str} # Data object for a request to revert a custom rule to a previous revision.} @returns(200) Successfully reverted @errors {400: Bad request, 401: Unauthorized - custom rules not enabled, 429: Too many requests} @endpoint GET /api/v2/static-analysis/custom/rulesets/{ruleset_name}/rules/{rule_name}/revisions/{id} @desc Show Custom Rule Revision @required {ruleset_name: str # The ruleset name, rule_name: str # The rule name, id: str # The revision ID} @returns(200) {data: map{attributes: map{arguments: [map], category: str, checksum: str, code: str, created_at: str(date-time), created_by: str, creation_message: str, cve: str?, cwe: str?, description: str, documentation_url: str?, is_published: bool, is_testing: bool, language: str, severity: str, short_description: str, should_use_ai_fix: bool, tags: [str], tests: [map], tree_sitter_query: str}, id: str, type: str}} # Successful response @errors {400: Bad request, 401: Unauthorized - custom rules not enabled, 404: Revision not found, 429: Too many requests} @endpoint POST /api/v2/static-analysis/rulesets @desc Ruleset get multiple @optional {data: map{attributes: map, id: str, type!: str} # The primary data object in the get-multiple-rulesets request, containing request attributes and resource type.} @returns(200) {data: map{attributes: map{rulesets: [map]}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint GET /api/v2/static-analysis/secrets/rules @desc Returns a list of Secrets rules @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint GET /api/v2/statuspages @desc List status pages @optional {page[offset]: int=0 # Offset to use as the start of the page., page[limit]: int=50 # The number of status pages to return per page., include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user.} @returns(200) {data: [map], included: [any], meta: map{page: map{first_offset: int(int64), last_offset: int(int64)?, limit: int(int64), next_offset: int(int64)?, offset: int(int64), prev_offset: int(int64)?, total: int(int64)?, type: str}}} # OK @errors {429: Too many requests} @endpoint POST /api/v2/statuspages @desc Create status page @optional {include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user., data: map{attributes!: map, type!: str} # The data object for creating a status page.} @returns(201) {data: map{attributes: map{company_logo: str?, components: [map], created_at: str(date-time), custom_domain: str?, custom_domain_enabled: bool, domain_prefix: str, email_header_image: str?, enabled: bool, favicon: str?, modified_at: str(date-time), name: str, page_url: str, subscriptions_enabled: bool, type: str, visualization_type: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # Created @errors {429: Too many requests} @endpoint GET /api/v2/statuspages/degradations @desc List degradations @optional {filter[page_id]: str # Optional page id filter., page[offset]: int=0 # Offset to use as the start of the page., page[limit]: int=50 # The number of degradations to return per page., include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page., filter[status]: str # Optional degradation status filter. Supported values: investigating, identified, monitoring, resolved., sort: str # Sort order. Prefix with '-' for descending. Supported values: created_at, -created_at, modified_at, -modified_at.} @returns(200) {data: [map], included: [any], meta: map{page: map{first_offset: int(int64), last_offset: int(int64)?, limit: int(int64), next_offset: int(int64)?, offset: int(int64), prev_offset: int(int64)?, total: int(int64)?, type: str}}} # OK @errors {429: Too many requests} @endpoint GET /api/v2/statuspages/maintenances @desc List maintenances @optional {filter[page_id]: str # Optional page id filter., page[offset]: int=0 # Offset to use as the start of the page., page[limit]: int=50 # The number of maintenances to return per page., include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page., filter[status]: str # Optional maintenance status filter. Supported values: scheduled, in_progress, completed., sort: str # Sort order. Prefix with '-' for descending. Supported values: created_at, -created_at, start_date, -start_date.} @returns(200) {data: [map], included: [any], meta: map{page: map{first_offset: int(int64), last_offset: int(int64)?, limit: int(int64), next_offset: int(int64)?, offset: int(int64), prev_offset: int(int64)?, total: int(int64)?, type: str}}} # OK @errors {429: Too many requests} @endpoint DELETE /api/v2/statuspages/{page_id} @desc Delete status page @required {page_id: str(uuid) # The ID of the status page.} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/statuspages/{page_id} @desc Get status page @required {page_id: str(uuid) # The ID of the status page.} @optional {include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user.} @returns(200) {data: map{attributes: map{company_logo: str?, components: [map], created_at: str(date-time), custom_domain: str?, custom_domain_enabled: bool, domain_prefix: str, email_header_image: str?, enabled: bool, favicon: str?, modified_at: str(date-time), name: str, page_url: str, subscriptions_enabled: bool, type: str, visualization_type: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/statuspages/{page_id} @desc Update status page @required {page_id: str(uuid) # The ID of the status page.} @optional {delete_subscribers: bool=false # Whether to delete existing subscribers when updating a status page's type., include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user., data: map{attributes!: map, id!: str(uuid), type!: str} # The data object for updating a status page.} @returns(200) {data: map{attributes: map{company_logo: str?, components: [map], created_at: str(date-time), custom_domain: str?, custom_domain_enabled: bool, domain_prefix: str, email_header_image: str?, enabled: bool, favicon: str?, modified_at: str(date-time), name: str, page_url: str, subscriptions_enabled: bool, type: str, visualization_type: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}}, type: str}, included: [any]} # OK @errors {429: Too many requests} @endpoint GET /api/v2/statuspages/{page_id}/components @desc List components @required {page_id: str(uuid) # The ID of the status page.} @optional {include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page, group.} @returns(200) {data: [map], included: [any]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/statuspages/{page_id}/components @desc Create component @required {page_id: str(uuid) # The ID of the status page.} @optional {include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page, group., data: map{attributes!: map, relationships: map, type!: str} # The data object for creating a component.} @returns(201) {data: map{attributes: map{components: [map], created_at: str(date-time), modified_at: str(date-time), name: str, position: int(int64), status: str, type: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, group: map{data: map?}, last_modified_by_user: map{data: map}, status_page: map{data: map}}, type: str}, included: [any]} # Created @errors {429: Too many requests} @endpoint DELETE /api/v2/statuspages/{page_id}/components/{component_id} @desc Delete component @required {page_id: str(uuid) # The ID of the status page., component_id: str(uuid) # The ID of the component.} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/statuspages/{page_id}/components/{component_id} @desc Get component @required {page_id: str(uuid) # The ID of the status page., component_id: str(uuid) # The ID of the component.} @optional {include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page, group.} @returns(200) {data: map{attributes: map{components: [map], created_at: str(date-time), modified_at: str(date-time), name: str, position: int(int64), status: str, type: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, group: map{data: map?}, last_modified_by_user: map{data: map}, status_page: map{data: map}}, type: str}, included: [any]} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/statuspages/{page_id}/components/{component_id} @desc Update component @required {page_id: str(uuid) # The ID of the status page., component_id: str(uuid) # The ID of the component.} @optional {include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page, group., data: map{attributes!: map, id!: str(uuid), type!: str} # The data object for updating a component.} @returns(200) {data: map{attributes: map{components: [map], created_at: str(date-time), modified_at: str(date-time), name: str, position: int(int64), status: str, type: str}, id: str(uuid), relationships: map{created_by_user: map{data: map}, group: map{data: map?}, last_modified_by_user: map{data: map}, status_page: map{data: map}}, type: str}, included: [any]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/statuspages/{page_id}/degradations @desc Create degradation @required {page_id: str(uuid) # The ID of the status page.} @optional {notify_subscribers: bool=true # Whether to notify page subscribers of the degradation., include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page., data: map{attributes!: map, type!: str} # The data object for creating a degradation.} @returns(201) {data: map{attributes: map{components_affected: [map], created_at: str(date-time), description: str, modified_at: str(date-time), source: map{created_at: str(date-time), source_id: str, type: str}, status: str, title: str, updates: [map]}, id: str(uuid), relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}, status_page: map{data: map}}, type: str}, included: [any]} # Created @errors {429: Too many requests} @endpoint DELETE /api/v2/statuspages/{page_id}/degradations/{degradation_id} @desc Delete degradation @required {page_id: str(uuid) # The ID of the status page., degradation_id: str(uuid) # The ID of the degradation.} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/statuspages/{page_id}/degradations/{degradation_id} @desc Get degradation @required {page_id: str(uuid) # The ID of the status page., degradation_id: str(uuid) # The ID of the degradation.} @optional {include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page.} @returns(200) {data: map{attributes: map{components_affected: [map], created_at: str(date-time), description: str, modified_at: str(date-time), source: map{created_at: str(date-time), source_id: str, type: str}, status: str, title: str, updates: [map]}, id: str(uuid), relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}, status_page: map{data: map}}, type: str}, included: [any]} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/statuspages/{page_id}/degradations/{degradation_id} @desc Update degradation @required {page_id: str(uuid) # The ID of the status page., degradation_id: str(uuid) # The ID of the degradation.} @optional {notify_subscribers: bool=true # Whether to notify page subscribers of the degradation., include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page., data: map{attributes!: map, id!: str(uuid), type!: str} # The data object for updating a degradation.} @returns(200) {data: map{attributes: map{components_affected: [map], created_at: str(date-time), description: str, modified_at: str(date-time), source: map{created_at: str(date-time), source_id: str, type: str}, status: str, title: str, updates: [map]}, id: str(uuid), relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}, status_page: map{data: map}}, type: str}, included: [any]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/statuspages/{page_id}/maintenances @desc Schedule maintenance @required {page_id: str(uuid) # The ID of the status page.} @optional {notify_subscribers: bool=true # Whether to notify page subscribers of the maintenance., include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page., data: map{attributes!: map, type!: str} # The data object for creating a maintenance.} @returns(201) {data: map{attributes: map{completed_date: str(date-time), completed_description: str, components_affected: [map], in_progress_description: str, modified_at: str(date-time), published_date: str(date-time), scheduled_description: str, start_date: str(date-time), status: str, title: str, updates: [map]}, id: str(uuid), relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}, status_page: map{data: map}}, type: str}, included: [any]} # Created @errors {429: Too many requests} @endpoint GET /api/v2/statuspages/{page_id}/maintenances/{maintenance_id} @desc Get maintenance @required {page_id: str(uuid) # The ID of the status page., maintenance_id: str(uuid) # The ID of the maintenance.} @optional {include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page.} @returns(200) {data: map{attributes: map{completed_date: str(date-time), completed_description: str, components_affected: [map], in_progress_description: str, modified_at: str(date-time), published_date: str(date-time), scheduled_description: str, start_date: str(date-time), status: str, title: str, updates: [map]}, id: str(uuid), relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}, status_page: map{data: map}}, type: str}, included: [any]} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/statuspages/{page_id}/maintenances/{maintenance_id} @desc Update maintenance @required {page_id: str(uuid) # The ID of the status page., maintenance_id: str(uuid) # The ID of the maintenance.} @optional {notify_subscribers: bool=true # Whether to notify page subscribers of the maintenance., include: str # Comma-separated list of resources to include. Supported values: created_by_user, last_modified_by_user, status_page., data: map{attributes!: map, id!: str(uuid), type!: str} # The data object for updating a maintenance.} @returns(200) {data: map{attributes: map{completed_date: str(date-time), completed_description: str, components_affected: [map], in_progress_description: str, modified_at: str(date-time), published_date: str(date-time), scheduled_description: str, start_date: str(date-time), status: str, title: str, updates: [map]}, id: str(uuid), relationships: map{created_by_user: map{data: map}, last_modified_by_user: map{data: map}, status_page: map{data: map}}, type: str}, included: [any]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/statuspages/{page_id}/publish @desc Publish status page @required {page_id: str(uuid) # The ID of the status page.} @returns(204) No Content @errors {429: Too many requests} @endpoint POST /api/v2/statuspages/{page_id}/unpublish @desc Unpublish status page @required {page_id: str(uuid) # The ID of the status page.} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/synthetics/api-multistep/subtests/{public_id} @desc Get available subtests for a multistep test @required {public_id: str # The public ID of the API multistep test.} @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint GET /api/v2/synthetics/api-multistep/subtests/{public_id}/parents @desc Get parent tests for a subtest @required {public_id: str # The public ID of the subtest.} @returns(200) {data: [map]} # OK @errors {404: API error response., 429: Too many requests} @endpoint GET /api/v2/synthetics/settings/on_demand_concurrency_cap @desc Get the on-demand concurrency cap @returns(200) {data: map{attributes: map{on_demand_concurrency_cap: num(double)}, type: str}} # OK @errors {429: Too many requests} @endpoint POST /api/v2/synthetics/settings/on_demand_concurrency_cap @desc Save new value for on-demand concurrency cap @optional {on_demand_concurrency_cap: num(double) # Value of the on-demand concurrency cap.} @returns(200) {data: map{attributes: map{on_demand_concurrency_cap: num(double)}, type: str}} # OK @errors {429: Too many requests} @endpoint POST /api/v2/synthetics/suites @desc Create a test suite @required {data: map{attributes!: map, type!: str} # Data object for creating or editing a Synthetic test suite.} @returns(200) {data: map{attributes: map{message: str, monitor_id: int(int64), name: str, options: map{alerting_threshold: num(double)}, public_id: str, tags: [str], tests: [map], type: str}, id: str, type: str}} # OK @errors {400: API error response., 429: Too many requests} @endpoint POST /api/v2/synthetics/suites/bulk-delete @desc Bulk delete suites @required {data: map{attributes!: map, id: str, type: str} # Data object for a bulk delete Synthetic test suites request.} @returns(200) {data: [map]} # OK @errors {400: API error response., 429: Too many requests} @endpoint GET /api/v2/synthetics/suites/search @desc Search test suites @optional {query: str # The search query., sort: str=name,asc # The sort order for the results (e.g., `name,asc` or `name,desc`)., facets_only: bool=false # If true, return only facets instead of full test details., start: int(int64)=0 # The offset from which to start returning results., count: int(int64)=50 # The maximum number of results to return.} @returns(200) {data: map{attributes: map{suites: [map], total: int(int32)}, id: str(uuid), type: str}} # OK @errors {400: API error response., 429: Too many requests} @endpoint GET /api/v2/synthetics/suites/{public_id} @desc Get a suite @required {public_id: str # The public ID of the suite to get details from.} @returns(200) {data: map{attributes: map{message: str, monitor_id: int(int64), name: str, options: map{alerting_threshold: num(double)}, public_id: str, tags: [str], tests: [map], type: str}, id: str, type: str}} # OK @errors {404: API error response., 429: Too many requests} @endpoint PUT /api/v2/synthetics/suites/{public_id} @desc Edit a test suite @required {public_id: str # The public ID of the suite to edit., data: map{attributes!: map, type!: str} # Data object for creating or editing a Synthetic test suite.} @returns(200) {data: map{attributes: map{message: str, monitor_id: int(int64), name: str, options: map{alerting_threshold: num(double)}, public_id: str, tags: [str], tests: [map], type: str}, id: str, type: str}} # OK @errors {400: API error response., 429: Too many requests} @endpoint PATCH /api/v2/synthetics/suites/{public_id}/jsonpatch @desc Patch a test suite @required {public_id: str # The public ID of the Synthetic test suite to patch., data: map{attributes: map, type: str} # Data object for a JSON Patch request on a Synthetic test suite.} @returns(200) {data: map{attributes: map{message: str, monitor_id: int(int64), name: str, options: map{alerting_threshold: num(double)}, public_id: str, tags: [str], tests: [map], type: str}, id: str, type: str}} # OK @errors {400: API error response., 429: Too many requests} @endpoint POST /api/v2/synthetics/tests/bulk-delete @desc Bulk delete tests @required {data: map{attributes!: map, id: str, type: str} # Data object for a bulk delete Synthetic tests request.} @returns(200) {data: [map]} # OK @errors {400: API error response., 404: API error response., 429: Too many requests} @endpoint GET /api/v2/synthetics/tests/fast/{id} @desc Get a fast test result @required {id: str # The UUID of the fast test to retrieve the result for.} @returns(200) {data: map{attributes: map{device: map{id: str, name: str}, location: map{id: str, name: str, version: str, worker_id: str}, result: map{assertions: [map], call_type: str, cert: map, duration: num(double), failure: map, finished_at: int(int64), id: str, is_fast_retry: bool, request: map, resolved_ip: str, response: map, run_type: str, started_at: int(int64), status: str, steps: [map], timings: map, traceroute: [map], triggered_at: int(int64), tunnel: bool}, test_sub_type: str, test_type: str, test_version: int(int64)}, id: str, type: str}} # OK @errors {400: API error response., 404: API error response., 429: Too many requests} @endpoint POST /api/v2/synthetics/tests/network @desc Create a Network Path test @required {data: map{attributes!: map, type!: str} # Data object for creating or editing a Network Path test.} @returns(200) {data: map{attributes: map{config: map{assertions: [any], request: map}, locations: [str], message: str, monitor_id: int(int64), name: str, options: map{min_failure_duration: int(int64), min_location_failed: int(int64), monitor_name: str, monitor_options: map, monitor_priority: int(int32), restricted_roles: [str], retry: map, scheduling: map, tick_every: int(int64)}, public_id: str, status: str, subtype: str, tags: [str], type: str}, id: str, type: str}} # OK @errors {400: API error response., 429: Too many requests} @endpoint GET /api/v2/synthetics/tests/network/{public_id} @desc Get a Network Path test @required {public_id: str # The public ID of the Network Path test to get details from.} @returns(200) {data: map{attributes: map{config: map{assertions: [any], request: map}, locations: [str], message: str, monitor_id: int(int64), name: str, options: map{min_failure_duration: int(int64), min_location_failed: int(int64), monitor_name: str, monitor_options: map, monitor_priority: int(int32), restricted_roles: [str], retry: map, scheduling: map, tick_every: int(int64)}, public_id: str, status: str, subtype: str, tags: [str], type: str}, id: str, type: str}} # OK @errors {400: API error response., 404: API error response., 429: Too many requests} @endpoint PUT /api/v2/synthetics/tests/network/{public_id} @desc Edit a Network Path test @required {public_id: str # The public ID of the Network Path test to edit., data: map{attributes!: map, type!: str} # Data object for creating or editing a Network Path test.} @returns(200) {data: map{attributes: map{config: map{assertions: [any], request: map}, locations: [str], message: str, monitor_id: int(int64), name: str, options: map{min_failure_duration: int(int64), min_location_failed: int(int64), monitor_name: str, monitor_options: map, monitor_priority: int(int32), restricted_roles: [str], retry: map, scheduling: map, tick_every: int(int64)}, public_id: str, status: str, subtype: str, tags: [str], type: str}, id: str, type: str}} # OK @errors {400: API error response., 404: API error response., 429: Too many requests} @endpoint POST /api/v2/synthetics/tests/{public_id}/files/download @desc Get a presigned URL for downloading a test file @required {public_id: str # The public ID of the Synthetic test., bucketKey: str # The bucket key referencing the file to download.} @returns(200) {url: str} # OK @errors {400: API error response., 403: Forbidden., 404: API error response., 429: Too many requests} @endpoint POST /api/v2/synthetics/tests/{public_id}/files/multipart-presigned-urls @desc Get presigned URLs for uploading a test file @required {public_id: str # The public ID of the Synthetic test., bucketKeyPrefix: str(api-upload-file/browser-upload-file-step) # The bucket key prefix indicating the type of file upload., parts: [map{md5!: str, partNumber!: int(int64)}] # Array of part descriptors for the multipart upload.} @returns(200) {bucketKey: str, multipart_presigned_urls_params: map{key: str, upload_id: str, urls: map}} # OK @errors {400: API error response., 403: Forbidden., 404: API error response., 429: Too many requests} @endpoint POST /api/v2/synthetics/tests/{public_id}/files/multipart-upload-abort @desc Abort a multipart upload of a test file @required {public_id: str # The public ID of the Synthetic test., key: str # The full storage path of the file whose upload should be aborted., uploadId: str # The upload ID of the multipart upload to abort.} @returns(204) No Content @errors {400: API error response., 403: Forbidden., 404: API error response., 429: Too many requests} @endpoint POST /api/v2/synthetics/tests/{public_id}/files/multipart-upload-complete @desc Complete a multipart upload of a test file @required {public_id: str # The public ID of the Synthetic test., key: str # The full storage path for the uploaded file., parts: [map{ETag!: str, PartNumber!: int(int64)}] # Array of completed parts with their ETags., uploadId: str # The upload ID returned when the multipart upload was initiated.} @returns(204) No Content @errors {400: API error response., 403: Forbidden., 404: API error response., 429: Too many requests} @endpoint GET /api/v2/synthetics/tests/{public_id}/parent-suites @desc Get parent suites for a test @required {public_id: str # The public ID of the Synthetic test.} @returns(200) {data: [map]} # OK @errors {404: API error response., 429: Too many requests} @endpoint GET /api/v2/synthetics/tests/{public_id}/version_history @desc Get version history of a test @required {public_id: str # The public ID of the Synthetic test.} @optional {last_version_number: int(int64) # The version number of the last item from the previous page. Omit to get the first page., limit: int(int64) # Maximum number of version records to return per page.} @returns(200) {data: [map], meta: map{next_last_version_number: int(int64)?, retention_period_in_days: int(int64)}} # OK @errors {403: API error response., 404: API error response., 429: Too many requests} @endpoint GET /api/v2/synthetics/tests/{public_id}/version_history/{version_number} @desc Get a specific version of a test @required {public_id: str # The public ID of the Synthetic test., version_number: int(int64) # The version number to retrieve.} @optional {include_change_metadata: bool # If `true`, include change metadata in the response., only_check_existence: bool # If `true`, only check whether the version exists without returning its full payload. Returns an empty object if the version exists, or 404 if not.} @returns(200) {data: map{attributes: map{author: map{email: str, handle: str, id: str, name: str}, change_metadata: [map], payload: map, version_payload_created_at: str(date-time)}, id: str, type: str}} # OK @errors {404: API error response., 429: Too many requests} @endpoint PATCH /api/v2/synthetics/variables/{variable_id}/jsonpatch @desc Patch a global variable @required {variable_id: str # The ID of the global variable., data: map{attributes: map, type: str} # Data object for a JSON Patch request on a Synthetic global variable.} @returns(200) {data: map{attributes: map{attributes: map{restricted_roles: [str]}, description: str, id: str, is_fido: bool, is_totp: bool, name: str, parse_test_options: map{field: str, localVariableName: str, parser: map, type: str}, parse_test_public_id: str, tags: [str], value: map{options: map, secure: bool, value: str}}, id: str, type: str}} # OK @errors {400: Bad Request, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/tags/enrichment @desc List tag pipeline rulesets @returns(200) {data: [map]} # OK @errors {429: Too many requests} @endpoint POST /api/v2/tags/enrichment @desc Create tag pipeline ruleset @optional {data: map{attributes: map, id: str, type!: str} # The definition of `CreateRulesetRequestData` object.} @returns(200) {data: map{attributes: map{created: map{nanos: int(int32), seconds: int(int64)}, enabled: bool, last_modified_user_uuid: str, modified: map{nanos: int(int32), seconds: int(int64)}, name: str, position: int(int32), processing_status: str, rules: [map], version: int(int64)}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint POST /api/v2/tags/enrichment/reorder @desc Reorder tag pipeline rulesets @required {data: [map{id: str, type!: str}] # The `ReorderRulesetResourceArray` `data`.} @returns(204) Successfully reordered rulesets @errors {429: Too many requests} @endpoint POST /api/v2/tags/enrichment/validate-query @desc Validate query @optional {data: map{attributes: map, id: str, type!: str} # The definition of `RulesValidateQueryRequestData` object.} @returns(200) {data: map{attributes: map{Canonical: str}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint DELETE /api/v2/tags/enrichment/{ruleset_id} @desc Delete tag pipeline ruleset @required {ruleset_id: str # The unique identifier of the ruleset} @returns(204) No Content @errors {429: Too many requests} @endpoint GET /api/v2/tags/enrichment/{ruleset_id} @desc Get a tag pipeline ruleset @required {ruleset_id: str # The unique identifier of the ruleset} @returns(200) {data: map{attributes: map{created: map{nanos: int(int32), seconds: int(int64)}, enabled: bool, last_modified_user_uuid: str, modified: map{nanos: int(int32), seconds: int(int64)}, name: str, position: int(int32), processing_status: str, rules: [map], version: int(int64)}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint PATCH /api/v2/tags/enrichment/{ruleset_id} @desc Update tag pipeline ruleset @required {ruleset_id: str # The unique identifier of the ruleset} @optional {data: map{attributes: map, id: str, type!: str} # The definition of `UpdateRulesetRequestData` object.} @returns(200) {data: map{attributes: map{created: map{nanos: int(int32), seconds: int(int64)}, enabled: bool, last_modified_user_uuid: str, modified: map{nanos: int(int32), seconds: int(int64)}, name: str, position: int(int32), processing_status: str, rules: [map], version: int(int64)}, id: str, type: str}} # OK @errors {429: Too many requests} @endpoint GET /api/v2/team @desc Get all teams @optional {page[number]: int(int64)=0 # Specific page number to return., page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., sort: str # Specifies the order of the returned teams, include: [str] # Included related resources optionally requested. Allowed enum values: `team_links, user_team_permissions`, filter[keyword]: str # Search query. Can be team name, team handle, or email of team member, filter[me]: bool # When true, only returns teams the current user belongs to, fields[team]: [str] # List of fields that need to be fetched.} @returns(200) {data: [map], included: [any], links: map{first: str, last: str?, next: str, prev: str?, self: str}, meta: map{pagination: map{first_offset: int(int64), last_offset: int(int64), limit: int(int64), next_offset: int(int64), offset: int(int64), prev_offset: int(int64), total: int(int64), type: str}}} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/team @desc Create a team @required {data: map{attributes!: map, relationships: map, type!: str} # Team create} @returns(201) {data: map{attributes: map{avatar: str?, banner: int(int64)?, created_at: str(date-time), description: str?, handle: str, hidden_modules: [str]?, is_managed: bool, link_count: int(int32), modified_at: str(date-time), name: str, summary: str?, user_count: int(int32), visible_modules: [str]?}, id: str, relationships: map{team_links: map{data: [map], links: map}, user_team_permissions: map{data: map?, links: map}}, type: str}} # CREATED @errors {403: Forbidden, 409: API error response., 429: Too many requests} @endpoint GET /api/v2/team-hierarchy-links @desc Get team hierarchy links @optional {page[number]: int(int64)=0 # Specific page number to return., page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., filter[parent_team]: str # Filter by parent team ID, filter[sub_team]: str # Filter by sub team ID} @returns(200) {data: [map], included: [map], links: map{first: str?, last: str?, next: str?, prev: str?, self: str}, meta: map{page: map{first_number: int(int64), last_number: int(int64), next_number: int(int64)?, number: int(int64), prev_number: int(int64)?, size: int(int64), total: int(int64), type: str}}} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/team-hierarchy-links @desc Create a team hierarchy link @required {data: map{relationships!: map, type!: str} # Data provided when creating a team hierarchy link} @returns(200) {data: map{attributes: map{created_at: str(date-time), provisioned_by: str}, id: str, relationships: map{parent_team: map{data: map}, sub_team: map{data: map}}, type: str}, included: [map], links: map{first: str?, last: str?, next: str?, prev: str?, self: str}} # OK @errors {403: Forbidden, 409: Conflict, 429: Too many requests} @endpoint DELETE /api/v2/team-hierarchy-links/{link_id} @desc Remove a team hierarchy link @required {link_id: str # The team hierarchy link's identifier} @returns(204) No Content @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint GET /api/v2/team-hierarchy-links/{link_id} @desc Get a team hierarchy link @required {link_id: str # The team hierarchy link's identifier} @returns(200) {data: map{attributes: map{created_at: str(date-time), provisioned_by: str}, id: str, relationships: map{parent_team: map{data: map}, sub_team: map{data: map}}, type: str}, included: [map], links: map{first: str?, last: str?, next: str?, prev: str?, self: str}} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint DELETE /api/v2/team/connections @desc Delete team connections @required {data: [map{id!: str, type!: str}] # Array of team connection IDs to delete.} @returns(204) No Content @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/team/connections @desc List team connections @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., filter[sources]: [str] # Filter team connections by external source systems., filter[team_ids]: [str] # Filter team connections by Datadog team IDs., filter[connected_team_ids]: [str] # Filter team connections by connected team IDs from external systems., filter[connection_ids]: [str] # Filter team connections by connection IDs.} @returns(200) {data: [map], meta: map{page: map{first_number: int(int64), last_number: int(int64), next_number: int(int64)?, number: int(int64), prev_number: int(int64)?, size: int(int64), total: int(int64), type: str}}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/team/connections @desc Create team connections @required {data: [map{attributes: map, relationships: map, type!: str}] # Array of team connections to create.} @returns(201) {data: [map], meta: map{page: map{first_number: int(int64), last_number: int(int64), next_number: int(int64)?, number: int(int64), prev_number: int(int64)?, size: int(int64), total: int(int64), type: str}}} # Created @errors {400: Bad Request, 403: Forbidden, 409: Conflict, 429: Too many requests} @endpoint GET /api/v2/team/sync @desc Get team sync configurations @required {filter[source]: str # Filter by the external source platform for team synchronization} @returns(200) {data: [map]} # OK @errors {403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/team/sync @desc Link Teams with GitHub Teams @required {data: map{attributes!: map, id: str, type!: str} # A configuration governing syncing between Datadog teams and teams from an external system.} @returns(200) OK @returns(204) No Content @errors {403: Forbidden, 429: Too many requests, 500: Internal Server Error - Unexpected error during linking.} @endpoint GET /api/v2/team/{super_team_id}/member_teams @desc Get all member teams @required {super_team_id: str # None} @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., fields[team]: [str] # List of fields that need to be fetched.} @returns(200) {data: [map], included: [any], links: map{first: str, last: str?, next: str, prev: str?, self: str}, meta: map{pagination: map{first_offset: int(int64), last_offset: int(int64), limit: int(int64), next_offset: int(int64), offset: int(int64), prev_offset: int(int64), total: int(int64), type: str}}} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint POST /api/v2/team/{super_team_id}/member_teams @desc Add a member team @required {super_team_id: str # None, data: map{id!: str, type!: str} # A member team} @returns(204) Added @errors {403: Forbidden, 409: API error response., 429: Too many requests} @endpoint DELETE /api/v2/team/{super_team_id}/member_teams/{member_team_id} @desc Remove a member team @required {super_team_id: str # None, member_team_id: str # None} @returns(204) No Content @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint DELETE /api/v2/team/{team_id} @desc Remove a team @required {team_id: str # None} @returns(204) No Content @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint GET /api/v2/team/{team_id} @desc Get a team @required {team_id: str # None} @returns(200) {data: map{attributes: map{avatar: str?, banner: int(int64)?, created_at: str(date-time), description: str?, handle: str, hidden_modules: [str]?, is_managed: bool, link_count: int(int32), modified_at: str(date-time), name: str, summary: str?, user_count: int(int32), visible_modules: [str]?}, id: str, relationships: map{team_links: map{data: [map], links: map}, user_team_permissions: map{data: map?, links: map}}, type: str}} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint PATCH /api/v2/team/{team_id} @desc Update a team @required {team_id: str # None, data: map{attributes!: map, relationships: map, type!: str} # Team update request} @returns(200) {data: map{attributes: map{avatar: str?, banner: int(int64)?, created_at: str(date-time), description: str?, handle: str, hidden_modules: [str]?, is_managed: bool, link_count: int(int32), modified_at: str(date-time), name: str, summary: str?, user_count: int(int32), visible_modules: [str]?}, id: str, relationships: map{team_links: map{data: [map], links: map}, user_team_permissions: map{data: map?, links: map}}, type: str}} # OK @errors {400: API error response., 403: Forbidden, 404: API error response., 409: API error response., 429: Too many requests} @endpoint GET /api/v2/team/{team_id}/links @desc Get links for a team @required {team_id: str # None} @returns(200) {data: [map]} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint POST /api/v2/team/{team_id}/links @desc Create a team link @required {team_id: str # None, data: map{attributes!: map, type!: str} # Team link create} @returns(200) {data: map{attributes: map{label: str, position: int(int32), team_id: str, url: str}, id: str, type: str}} # OK @errors {403: Forbidden, 404: API error response., 422: API error response., 429: Too many requests} @endpoint DELETE /api/v2/team/{team_id}/links/{link_id} @desc Remove a team link @required {team_id: str # None, link_id: str # None} @returns(204) No Content @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint GET /api/v2/team/{team_id}/links/{link_id} @desc Get a team link @required {team_id: str # None, link_id: str # None} @returns(200) {data: map{attributes: map{label: str, position: int(int32), team_id: str, url: str}, id: str, type: str}} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint PATCH /api/v2/team/{team_id}/links/{link_id} @desc Update a team link @required {team_id: str # None, link_id: str # None, data: map{attributes!: map, type!: str} # Team link create} @returns(200) {data: map{attributes: map{label: str, position: int(int32), team_id: str, url: str}, id: str, type: str}} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint GET /api/v2/team/{team_id}/memberships @desc Get team memberships @required {team_id: str # None} @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort: str # Specifies the order of returned team memberships, filter[keyword]: str # Search query, can be user email or name} @returns(200) {data: [map], included: [any], links: map{first: str, last: str?, next: str, prev: str?, self: str}, meta: map{pagination: map{first_offset: int(int64), last_offset: int(int64), limit: int(int64), next_offset: int(int64), offset: int(int64), prev_offset: int(int64), total: int(int64), type: str}}} # Represents a user's association to a team @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint POST /api/v2/team/{team_id}/memberships @desc Add a user to a team @required {team_id: str # None, data: map{attributes: map, relationships: map, type!: str} # A user's relationship with a team} @returns(200) {data: map{attributes: map{provisioned_by: str?, provisioned_by_id: str?, role: str?}, id: str, relationships: map{team: map{data: map}, user: map{data: map}}, type: str}, included: [any]} # Represents a user's association to a team @errors {403: Forbidden, 404: API error response., 409: API error response., 429: Too many requests} @endpoint DELETE /api/v2/team/{team_id}/memberships/{user_id} @desc Remove a user from a team @required {team_id: str # None, user_id: str # None} @returns(204) No Content @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint PATCH /api/v2/team/{team_id}/memberships/{user_id} @desc Update a user's membership attributes on a team @required {team_id: str # None, user_id: str # None, data: map{attributes: map, type!: str} # A user's relationship with a team} @returns(200) {data: map{attributes: map{provisioned_by: str?, provisioned_by_id: str?, role: str?}, id: str, relationships: map{team: map{data: map}, user: map{data: map}}, type: str}, included: [any]} # OK @errors {400: API error response., 403: Forbidden, 404: API error response., 429: Too many requests} @endpoint GET /api/v2/team/{team_id}/notification-rules @desc Get team notification rules @required {team_id: str # None} @returns(200) {data: [map], meta: map{page: map{first_offset: int(int64), last_offset: int(int64), limit: int(int64), next_offset: int(int64)?, offset: int(int64), prev_offset: int(int64)?, total: int(int64), type: str}}} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint POST /api/v2/team/{team_id}/notification-rules @desc Create team notification rule @required {team_id: str # None, data: map{attributes!: map, id: str, type!: str} # Team notification rule} @returns(201) {data: map{attributes: map{email: map{enabled: bool}, ms_teams: map{connector_name: str}, pagerduty: map{service_name: str}, slack: map{channel: str, workspace: str}}, id: str, type: str}} # OK @errors {403: Forbidden, 404: API error response., 409: API error response., 429: Too many requests} @endpoint DELETE /api/v2/team/{team_id}/notification-rules/{rule_id} @desc Delete team notification rule @required {team_id: str # None, rule_id: str # None} @returns(204) No Content @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint GET /api/v2/team/{team_id}/notification-rules/{rule_id} @desc Get team notification rule @required {team_id: str # None, rule_id: str # None} @returns(200) {data: map{attributes: map{email: map{enabled: bool}, ms_teams: map{connector_name: str}, pagerduty: map{service_name: str}, slack: map{channel: str, workspace: str}}, id: str, type: str}} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint PUT /api/v2/team/{team_id}/notification-rules/{rule_id} @desc Update team notification rule @required {team_id: str # None, rule_id: str # None, data: map{attributes!: map, id: str, type!: str} # Team notification rule} @returns(200) {data: map{attributes: map{email: map{enabled: bool}, ms_teams: map{connector_name: str}, pagerduty: map{service_name: str}, slack: map{channel: str, workspace: str}}, id: str, type: str}} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint GET /api/v2/team/{team_id}/permission-settings @desc Get permission settings for a team @required {team_id: str # None} @returns(200) {data: [map]} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint PUT /api/v2/team/{team_id}/permission-settings/{action} @desc Update permission setting for team @required {team_id: str # None, action: str # None, data: map{attributes: map, type!: str} # Team permission setting update} @returns(200) {data: map{attributes: map{action: str, editable: bool, options: [str], title: str, value: str}, id: str, type: str}} # OK @errors {403: Forbidden, 404: API error response., 429: Too many requests} @endpoint GET /api/v2/teams @desc Get a list of all incident teams @optional {include: str # Specifies which types of related objects should be included in the response., page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[offset]: int(int64)=0 # Specific offset to use as the beginning of the returned page., filter: str # A search query that filters teams by name.} @returns(200) {data: [map], included: [any], meta: map{pagination: map{next_offset: int(int64), offset: int(int64), size: int(int64)}}} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/teams @desc Create a new incident team @required {data: map{attributes: map, relationships: map, type!: str} # Incident Team data for a create request.} @returns(201) {data: map{attributes: map{created: str(date-time), modified: str(date-time), name: str}, id: str, relationships: map{created_by: map{data: map}, last_modified_by: map{data: map}}, type: str}, included: [any]} # CREATED @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint DELETE /api/v2/teams/{team_id} @desc Delete an existing incident team @required {team_id: str # The ID of the incident team.} @returns(204) OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/teams/{team_id} @desc Get details of an incident team @required {team_id: str # The ID of the incident team.} @optional {include: str # Specifies which types of related objects should be included in the response.} @returns(200) {data: map{attributes: map{created: str(date-time), modified: str(date-time), name: str}, id: str, relationships: map{created_by: map{data: map}, last_modified_by: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/teams/{team_id} @desc Update an existing incident team @required {team_id: str # The ID of the incident team., data: map{attributes: map, id: str, relationships: map, type!: str} # Incident Team data for an update request.} @returns(200) {data: map{attributes: map{created: str(date-time), modified: str(date-time), name: str}, id: str, relationships: map{created_by: map{data: map}, last_modified_by: map{data: map}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 401: Unauthorized, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PATCH /api/v2/test/flaky-test-management/tests @desc Update flaky test states @required {data: map{attributes!: map, type!: str} # The JSON:API data for updating flaky test states.} @returns(200) {data: map{attributes: map{has_errors: bool, results: [map]}, id: str, type: str}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint POST /api/v2/test/flaky-test-management/tests @desc Search flaky tests @optional {data: map{attributes: map, type: str} # The JSON:API data for flaky tests search request.} @returns(200) {data: [map], meta: map{pagination: map{next_page: str?}}} # OK @errors {400: Bad Request, 403: Not Authorized, 429: Too many requests} @endpoint GET /api/v2/usage/application_security @desc Get hourly usage for application security @required {start_hr: str(date-time) # Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage beginning at this hour.} @optional {end_hr: str(date-time) # Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage ending **before** this hour.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/usage/billing_dimension_mapping @desc Get billing dimension mapping for usage endpoints @optional {filter[month]: str(date-time) # Datetime in ISO-8601 format, UTC, and for mappings beginning this month. Defaults to the current month., filter[view]: str=active # String to specify whether to retrieve active billing dimension mappings for the contract or for all available mappings. Allowed views have the string `active` or `all`. Defaults to `active`.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/usage/cost_by_org @desc Get cost across multi-org account @required {start_month: str(date-time) # Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost beginning this month.} @optional {end_month: str(date-time) # Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost ending this month.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/usage/estimated_cost @desc Get estimated cost across your account @optional {view: str # String to specify whether cost is broken down at a parent-org level or at the sub-org level. Available views are `summary` and `sub-org`. Defaults to `summary`., start_month: str(date-time) # Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost beginning this month. **Either start_month or start_date should be specified, but not both.** (start_month cannot go beyond two months in the past). Provide an `end_month` to view month-over-month cost., end_month: str(date-time) # Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost ending this month., start_date: str(date-time) # Datetime in ISO-8601 format, UTC, precise to day: `[YYYY-MM-DD]` for cost beginning this day. **Either start_month or start_date should be specified, but not both.** (start_date cannot go beyond two months in the past). Provide an `end_date` to view day-over-day cumulative cost., end_date: str(date-time) # Datetime in ISO-8601 format, UTC, precise to day: `[YYYY-MM-DD]` for cost ending this day., cost_aggregation: str # Controls how costs are aggregated when using `start_date`. The `cumulative` option returns month-to-date running totals., include_connected_accounts: bool=false # Boolean to specify whether to include accounts connected to the current account as partner customers in the Datadog partner network program. Defaults to `false`.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/usage/historical_cost @desc Get historical cost across your account @required {start_month: str(date-time) # Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost beginning this month.} @optional {view: str # String to specify whether cost is broken down at a parent-org level or at the sub-org level. Available views are `summary` and `sub-org`. Defaults to `summary`., end_month: str(date-time) # Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]` for cost ending this month., include_connected_accounts: bool=false # Boolean to specify whether to include accounts connected to the current account as partner customers in the Datadog partner network program. Defaults to `false`.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/usage/hourly_usage @desc Get hourly usage by product family @required {filter[timestamp][start]: str(date-time) # Datetime in ISO-8601 format, UTC, precise to hour: [YYYY-MM-DDThh] for usage beginning at this hour., filter[product_families]: str # Comma separated list of product families to retrieve. Available families are `all`, `analyzed_logs`, `application_security`, `audit_trail`, `bits_ai`, `serverless`, `ci_app`, `cloud_cost_management`, `cloud_siem`, `csm_container_enterprise`, `csm_host_enterprise`, `cspm`, `custom_events`, `cws`, `dbm`, `error_tracking`, `fargate`, `infra_hosts`, `incident_management`, `indexed_logs`, `indexed_spans`, `ingested_spans`, `iot`, `lambda_traced_invocations`, `llm_observability`, `logs`, `network_flows`, `network_hosts`, `network_monitoring`, `observability_pipelines`, `online_archive`, `profiling`, `product_analytics`, `rum`, `rum_browser_sessions`, `rum_mobile_sessions`, `sds`, `snmp`, `software_delivery`, `synthetics_api`, `synthetics_browser`, `synthetics_mobile`, `synthetics_parallel_testing`, `timeseries`, `vuln_management` and `workflow_executions`. The following product family has been **deprecated**: `audit_logs`.} @optional {filter[timestamp][end]: str(date-time) # Datetime in ISO-8601 format, UTC, precise to hour: [YYYY-MM-DDThh] for usage ending **before** this hour., filter[include_descendants]: bool=false # Include child org usage in the response. Defaults to false., filter[include_connected_accounts]: bool=false # Boolean to specify whether to include accounts connected to the current account as partner customers in the Datadog partner network program. Defaults to false., filter[include_breakdown]: bool=false # Include breakdown of usage by subcategories where applicable (for product family logs only). Defaults to false., filter[versions]: str # Comma separated list of product family versions to use in the format `product_family:version`. For example, `infra_hosts:1.0.0`. If this parameter is not used, the API will use the latest version of each requested product family. Currently all families have one version `1.0.0`., page[limit]: int(int32)=500 # Maximum number of results to return (between 1 and 500) - defaults to 500 if limit not specified., page[next_record_id]: str # List following results with a next_record_id provided in the previous query.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/usage/lambda_traced_invocations @desc Get hourly usage for Lambda traced invocations @required {start_hr: str(date-time) # Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage beginning at this hour.} @optional {end_hr: str(date-time) # Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage ending **before** this hour.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/usage/observability_pipelines @desc Get hourly usage for observability pipelines @required {start_hr: str(date-time) # Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage beginning at this hour.} @optional {end_hr: str(date-time) # Datetime in ISO-8601 format, UTC, precise to hour: `[YYYY-MM-DDThh]` for usage ending **before** this hour.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/usage/projected_cost @desc Get projected cost across your account @optional {view: str # String to specify whether cost is broken down at a parent-org level or at the sub-org level. Available views are `summary` and `sub-org`. Defaults to `summary`., include_connected_accounts: bool=false # Boolean to specify whether to include accounts connected to the current account as partner customers in the Datadog partner network program. Defaults to `false`.} @returns(200) OK @errors {400: Bad Request, 403: Forbidden - User is not authorized, 429: Too many requests} @endpoint GET /api/v2/usage/usage-attribution-types @desc Get usage attribution types @returns(200) OK @errors {403: Forbidden - User is not authorized, 429: Too many requests} @endpoint POST /api/v2/user_invitations @desc Send invitation emails @required {data: [map{relationships!: map, type!: str}] # List of user invitations.} @returns(201) {data: [map]} # OK @errors {400: Bad Request, 403: Authentication error, 429: Too many requests} @endpoint GET /api/v2/user_invitations/{user_invitation_uuid} @desc Get a user invitation @required {user_invitation_uuid: str # The UUID of the user invitation.} @returns(200) {data: map{attributes: map{created_at: str(date-time), expires_at: str(date-time), invite_type: str, uuid: str}, id: str, relationships: map{user: map{data: map}}, type: str}} # OK @errors {403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/users @desc List all users @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return., sort: str=name # User attribute to order results by. Sort order is ascending by default. Sort order is descending if the field is prefixed by a negative sign, for example `sort=-name`. Options: `name`, `modified_at`, `user_count`., sort_dir: str # Direction of sort. Options: `asc`, `desc`., filter: str # Filter all users by the given string. Defaults to no filtering., filter[status]: str # Filter on status attribute. Comma separated list, with possible values `Active`, `Pending`, and `Disabled`. Defaults to no filtering.} @returns(200) {data: [map], included: [any], meta: map{page: map{total_count: int(int64), total_filtered_count: int(int64)}}} # OK @errors {400: Bad Request, 403: Authentication error, 429: Too many requests} @endpoint POST /api/v2/users @desc Create a user @required {data: map{attributes!: map, relationships: map, type!: str} # Object to create a user.} @returns(201) {data: map{attributes: map{created_at: str(date-time), disabled: bool, email: str, handle: str, icon: str, last_login_time: str(date-time)?, mfa_enabled: bool, modified_at: str(date-time), name: str?, service_account: bool, status: str, title: str?, verified: bool}, id: str, relationships: map{org: map{data: map}, other_orgs: map{data: [map]}, other_users: map{data: [map]}, roles: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Authentication error, 429: Too many requests} @endpoint DELETE /api/v2/users/{user_id} @desc Disable a user @required {user_id: str # The ID of the user.} @returns(204) OK @errors {403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/users/{user_id} @desc Get user details @required {user_id: str # The ID of the user.} @returns(200) {data: map{attributes: map{created_at: str(date-time), disabled: bool, email: str, handle: str, icon: str, last_login_time: str(date-time)?, mfa_enabled: bool, modified_at: str(date-time), name: str?, service_account: bool, status: str, title: str?, verified: bool}, id: str, relationships: map{org: map{data: map}, other_orgs: map{data: [map]}, other_users: map{data: [map]}, roles: map{data: [map]}}, type: str}, included: [any]} # OK @errors {403: Authentication error, 404: Not found, 429: Too many requests} @endpoint PATCH /api/v2/users/{user_id} @desc Update a user @required {user_id: str # The ID of the user., data: map{attributes!: map, id!: str, type!: str} # Object to update a user.} @returns(200) {data: map{attributes: map{created_at: str(date-time), disabled: bool, email: str, handle: str, icon: str, last_login_time: str(date-time)?, mfa_enabled: bool, modified_at: str(date-time), name: str?, service_account: bool, status: str, title: str?, verified: bool}, id: str, relationships: map{org: map{data: map}, other_orgs: map{data: [map]}, other_users: map{data: [map]}, roles: map{data: [map]}}, type: str}, included: [any]} # OK @errors {400: Bad Request, 403: Authentication error, 404: Not found, 422: Unprocessable Entity, 429: Too many requests} @endpoint GET /api/v2/users/{user_id}/orgs @desc Get a user organization @required {user_id: str # The ID of the user.} @returns(200) {data: map{attributes: map{created_at: str(date-time), disabled: bool, email: str, handle: str, icon: str, last_login_time: str(date-time)?, mfa_enabled: bool, modified_at: str(date-time), name: str?, service_account: bool, status: str, title: str?, verified: bool}, id: str, relationships: map{org: map{data: map}, other_orgs: map{data: [map]}, other_users: map{data: [map]}, roles: map{data: [map]}}, type: str}, included: [any]} # OK @errors {403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/users/{user_id}/permissions @desc Get a user permissions @required {user_id: str # The ID of the user.} @returns(200) {data: [map]} # OK @errors {403: Authentication error, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/users/{user_uuid}/memberships @desc Get user memberships @required {user_uuid: str # None} @returns(200) {data: [map], included: [any], links: map{first: str, last: str?, next: str, prev: str?, self: str}, meta: map{pagination: map{first_offset: int(int64), last_offset: int(int64), limit: int(int64), next_offset: int(int64), offset: int(int64), prev_offset: int(int64), total: int(int64), type: str}}} # Represents a user's association to a team @errors {404: API error response., 429: Too many requests} @endpoint GET /api/v2/widgets/{experience_type} @desc Search widgets @required {experience_type: str # The experience type for the widget.} @optional {filter[widgetType]: str # Filter widgets by widget type., filter[creatorHandle]: str # Filter widgets by the email handle of the creator., filter[isFavorited]: bool # Filter to only widgets favorited by the current user., filter[title]: str # Filter widgets by title (substring match)., filter[tags]: str # Filter widgets by tags. Format as bracket-delimited CSV, e.g. `[tag1,tag2]`., sort: str=-modified_at # Sort field for the results. Prefix with `-` for descending order. Allowed values: `title`, `created_at`, `modified_at`., page[number]: int=0 # Page number for pagination (0-indexed)., page[size]: int=50 # Number of widgets per page.} @returns(200) {data: [map], included: [map], meta: map{created_by_anyone_total: int(int64), created_by_you_total: int(int64), favorited_by_you_total: int(int64), filtered_total: int(int64)}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/widgets/{experience_type} @desc Create a widget @required {experience_type: str # The experience type for the widget., data: map{attributes!: map, type!: str} # Data for creating or updating a widget.} @returns(200) {data: map{attributes: map{created_at: str, definition: map{title: str, type: str}, is_favorited: bool, modified_at: str, tags: [str]?}, id: str, relationships: map{created_by: map{data: map}, modified_by: map{data: map}}, type: str}, included: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/widgets/{experience_type}/{uuid} @desc Delete a widget @required {experience_type: str # The experience type for the widget., uuid: str(uuid) # The UUID of the widget.} @returns(204) No Content @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint GET /api/v2/widgets/{experience_type}/{uuid} @desc Get a widget @required {experience_type: str # The experience type for the widget., uuid: str(uuid) # The UUID of the widget.} @returns(200) {data: map{attributes: map{created_at: str, definition: map{title: str, type: str}, is_favorited: bool, modified_at: str, tags: [str]?}, id: str, relationships: map{created_by: map{data: map}, modified_by: map{data: map}}, type: str}, included: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/widgets/{experience_type}/{uuid} @desc Update a widget @required {experience_type: str # The experience type for the widget., uuid: str(uuid) # The UUID of the widget., data: map{attributes!: map, type!: str} # Data for creating or updating a widget.} @returns(200) {data: map{attributes: map{created_at: str, definition: map{title: str, type: str}, is_favorited: bool, modified_at: str, tags: [str]?}, id: str, relationships: map{created_by: map{data: map}, modified_by: map{data: map}}, type: str}, included: [map]} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint POST /api/v2/workflows @desc Create a Workflow @required {data: map{attributes!: map, id: str, relationships: map, type!: str} # Data related to the workflow.} @returns(201) {data: map{attributes: map{createdAt: str(date-time), description: str, name: str, published: bool, spec: map{annotations: [map], connectionEnvs: [map], handle: str, inputSchema: map, outputSchema: map, steps: [map], triggers: [any]}, tags: [str], updatedAt: str(date-time), webhookSecret: str}, id: str, relationships: map{creator: map{data: map}, owner: map{data: map}}, type: str}} # Successfully created a workflow. @errors {400: Bad request, 403: Forbidden, 429: Too many requests} @endpoint DELETE /api/v2/workflows/{workflow_id} @desc Delete an existing Workflow @required {workflow_id: str # The ID of the workflow.} @returns(204) Successfully deleted a workflow. @errors {403: Forbidden, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/workflows/{workflow_id} @desc Get an existing Workflow @required {workflow_id: str # The ID of the workflow.} @returns(200) {data: map{attributes: map{createdAt: str(date-time), description: str, name: str, published: bool, spec: map{annotations: [map], connectionEnvs: [map], handle: str, inputSchema: map, outputSchema: map, steps: [map], triggers: [any]}, tags: [str], updatedAt: str(date-time), webhookSecret: str}, id: str, relationships: map{creator: map{data: map}, owner: map{data: map}}, type: str}} # Successfully got a workflow. @errors {400: Bad request, 403: Forbidden, 404: Not found, 429: Too many requests} @endpoint PATCH /api/v2/workflows/{workflow_id} @desc Update an existing Workflow @required {workflow_id: str # The ID of the workflow., data: map{attributes!: map, id: str, relationships: map, type!: str} # Data related to the workflow being updated.} @returns(200) {data: map{attributes: map{createdAt: str(date-time), description: str, name: str, published: bool, spec: map{annotations: [map], connectionEnvs: [map], handle: str, inputSchema: map, outputSchema: map, steps: [map], triggers: [any]}, tags: [str], updatedAt: str(date-time), webhookSecret: str}, id: str, relationships: map{creator: map{data: map}, owner: map{data: map}}, type: str}} # Successfully updated a workflow. @errors {400: Bad request, 403: Forbidden, 404: Not found, 429: Too many requests} @endpoint GET /api/v2/workflows/{workflow_id}/instances @desc List workflow instances @required {workflow_id: str # The ID of the workflow.} @optional {page[size]: int(int64)=10 # Size for a given page. The maximum allowed value is 100., page[number]: int(int64)=0 # Specific page number to return.} @returns(200) {data: [map], meta: map{page: map{totalCount: int(int64)}}} # OK @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint POST /api/v2/workflows/{workflow_id}/instances @desc Execute a workflow @required {workflow_id: str # The ID of the workflow.} @optional {meta: map{payload: map} # Additional information for creating a workflow instance.} @returns(200) {data: map{id: str}} # Created @errors {400: Bad Request, 403: Forbidden, 429: Too many requests} @endpoint GET /api/v2/workflows/{workflow_id}/instances/{instance_id} @desc Get a workflow instance @required {workflow_id: str # The ID of the workflow., instance_id: str # The ID of the workflow instance.} @returns(200) {data: map{attributes: map{id: str}}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @endpoint PUT /api/v2/workflows/{workflow_id}/instances/{instance_id}/cancel @desc Cancel a workflow instance @required {workflow_id: str # The ID of the workflow., instance_id: str # The ID of the workflow instance.} @returns(200) {data: map{id: str}} # OK @errors {400: Bad Request, 403: Forbidden, 404: Not Found, 429: Too many requests} @end