Class: DatadogAPIClient::V2::SecurityMonitoringRuleOptions

Inherits:
Object
Includes:
BaseGenericModel
Defined in:
lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb

Overview

Options on rules.

Instance Attribute Summary

Method Summary

Methods included from BaseGenericModel

included

Instance Attribute Details

#additional_properties ⇒ Object

Returns the value of attribute additional_properties.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 61

def additional_properties
  @additional_properties
end

#compliance_rule_options ⇒ Object

Options for `cloud_configuration` rules. Fields `resourceType` and `regoRule` are mandatory when managing custom `cloud_configuration` rules.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 27

def compliance_rule_options
  @compliance_rule_options
end

#decrease_criticality_based_on_env ⇒ Object

If true, signals in non-production environments have a lower severity than what is defined by the rule case, which can reduce signal noise. The severity is decreased by one level: `CRITICAL` in production becomes `HIGH` in non-production, `HIGH` becomes `MEDIUM`, and so on. `INFO` remains `INFO`. The decrement is applied when the environment tag of the signal starts with `staging`, `test` or `dev`.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 32

def decrease_criticality_based_on_env
  @decrease_criticality_based_on_env
end
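
The downgrade rule described for decrease_criticality_based_on_env can be previewed offline with the added example below; it is an illustration written for this page, not code from datadog_api_client. The helper names, the sample environment tags and the case-sensitive comparison are assumptions. It also shows that, because the match is a prefix match, a tag such as `devportal-prod` is treated as non-production.

```ruby
# Added illustration: local model of the severity decrement described above.
# Not part of datadog_api_client; all names below are hypothetical.

# Severity ladder, lowest to highest.
SEVERITIES = %w[INFO LOW MEDIUM HIGH CRITICAL].freeze

# Prefixes of the environment tag that trigger the decrement (from the description).
NON_PROD_PREFIXES = %w[staging test dev].freeze

# Assumption: the environment tag is compared as-is (case-sensitive prefix match).
def non_production?(env)
  return false if env.nil?

  NON_PROD_PREFIXES.any? { |prefix| env.start_with?(prefix) }
end

# Severity a signal would carry for a rule case of `rule_severity` in `env`.
def effective_severity(rule_severity, env, decrease_enabled: true)
  idx = SEVERITIES.index(rule_severity)
  raise ArgumentError, "unknown severity: #{rule_severity}" if idx.nil?
  return rule_severity unless decrease_enabled && non_production?(env)

  SEVERITIES[[idx - 1, 0].max] # one level down; INFO stays INFO
end

# Constructed sample: [rule case severity, environment tag of the signal].
SAMPLE_SIGNALS = [
  ['CRITICAL', 'prod'],
  ['CRITICAL', 'staging-eu'],
  ['HIGH', 'dev'],
  ['LOW', 'test-2'],
  ['INFO', 'dev'],
  ['HIGH', 'devportal-prod'], # production by name, but starts with "dev"
  ['HIGH', 'pre-staging']     # contains "staging" but does not start with it
].freeze

# One row per sample signal: rule severity next to the resulting signal severity.
def downgrade_report(signals)
  signals.map do |sev, env|
    { env: env, rule: sev, signal: effective_severity(sev, env) }
  end
end

if __FILE__ == $PROGRAM_NAME
  downgrade_report(SAMPLE_SIGNALS).each do |row|
    flag = row[:rule] == row[:signal] ? ' ' : '*'
    puts format('%s %-16s %-8s -> %s', flag, row[:env], row[:rule], row[:signal])
  end
end
```

Running it over your own list of environment tags shows which ones would have their signals downgraded before the option is enabled on a rule.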

#detection_method ⇒ Object

The detection method.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 35

def detection_method
  @detection_method
end

#evaluation_window ⇒ Object

The time window in which at least one of the cases must evaluate to true for the rule to match. This is a sliding window that is evaluated in real time. For third party rules, this field is not used.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 39

def evaluation_window
  @evaluation_window
end

#hardcoded_evaluator_type ⇒ Object

Hardcoded evaluator type.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 42

def hardcoded_evaluator_type
  @hardcoded_evaluator_type
end

#impossible_travel_options ⇒ Object

Options on impossible travel rules.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 45

def impossible_travel_options
  @impossible_travel_options
end

#keep_alive ⇒ Object

Once a signal is generated, the signal will remain “open” if a case is matched at least once within this keep alive window. For third party rules, this field is not used.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 49

def keep_alive
  @keep_alive
end

#max_signal_duration ⇒ Object

A signal will “close” regardless of the query being matched once the time exceeds the maximum duration. This time is calculated from the first seen timestamp.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 53

def max_signal_duration
  @max_signal_duration
end

#new_value_options ⇒ Object

Options on new value rules.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 56

def new_value_options
  @new_value_options
end

#third_party_rule_options ⇒ Object

Options on third party rules.

# File 'lib/datadog_api_client/v2/models/security_monitoring_rule_options.rb', line 59

def third_party_rule_options
  @third_party_rule_options
end