v2_security_monitoring_RunHistoricalJob/
v2_security-monitoring_RunHistoricalJob.rs

1// Run a historical job returns "Status created" response
2use datadog_api_client::datadog;
3use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;
4use datadog_api_client::datadogV2::model::HistoricalJobOptions;
5use datadog_api_client::datadogV2::model::HistoricalJobQuery;
6use datadog_api_client::datadogV2::model::JobDefinition;
7use datadog_api_client::datadogV2::model::RunHistoricalJobRequest;
8use datadog_api_client::datadogV2::model::RunHistoricalJobRequestAttributes;
9use datadog_api_client::datadogV2::model::RunHistoricalJobRequestData;
10use datadog_api_client::datadogV2::model::RunHistoricalJobRequestDataType;
11use datadog_api_client::datadogV2::model::SecurityMonitoringRuleCaseCreate;
12use datadog_api_client::datadogV2::model::SecurityMonitoringRuleEvaluationWindow;
13use datadog_api_client::datadogV2::model::SecurityMonitoringRuleKeepAlive;
14use datadog_api_client::datadogV2::model::SecurityMonitoringRuleMaxSignalDuration;
15use datadog_api_client::datadogV2::model::SecurityMonitoringRuleQueryAggregation;
16use datadog_api_client::datadogV2::model::SecurityMonitoringRuleSeverity;
17
#[tokio::main]
async fn main() {
    // Submits one historical detection job to the Security Monitoring API and
    // pretty-prints whatever comes back (success payload or error).

    // A single INFO-severity case that fires when query `a` counts more than one
    // match. The notification list is empty, so this case names no recipients.
    let rule_case = SecurityMonitoringRuleCaseCreate::new(SecurityMonitoringRuleSeverity::INFO)
        .condition("a > 1".to_string())
        .name("Condition 1".to_string())
        .notifications(vec![]);

    // Count aggregation with no grouping and no distinct fields.
    // NOTE(review): the source name looks like a placeholder that should match
    // no real logs; replace it with the query under test before reuse.
    let log_query = HistoricalJobQuery::new()
        .aggregation(SecurityMonitoringRuleQueryAggregation::COUNT)
        .distinct_fields(vec![])
        .group_by_fields(vec![])
        .query("source:non_existing_src_weekend".to_string());

    let job_options = HistoricalJobOptions::new()
        .evaluation_window(SecurityMonitoringRuleEvaluationWindow::FIFTEEN_MINUTES)
        .keep_alive(SecurityMonitoringRuleKeepAlive::ONE_HOUR)
        .max_signal_duration(SecurityMonitoringRuleMaxSignalDuration::ONE_DAY);

    // JobDefinition::new takes its required fields positionally.
    // NOTE(review): the order below is presumed to be
    // (cases, from, index, message, name, queries, to); confirm against the
    // client's signature. The two integers are 10_000 apart, which reads as a
    // ten-second window if they are epoch milliseconds.
    let job_definition = JobDefinition::new(
        vec![rule_case],
        1730387522611,
        "main".to_string(),
        "A large number of failed login attempts.".to_string(),
        "Excessive number of failed attempts.".to_string(),
        vec![log_query],
        1730387532611,
    )
    .options(job_options)
    .tags(vec![])
    .type_("log_detection".to_string());

    let request_attributes = RunHistoricalJobRequestAttributes::new().job_definition(job_definition);
    let request_data = RunHistoricalJobRequestData::new()
        .attributes(request_attributes)
        .type_(RunHistoricalJobRequestDataType::HISTORICALDETECTIONSJOBCREATE);
    let body = RunHistoricalJobRequest::new().data(request_data);

    // No credentials appear in this file; the default configuration is expected
    // to pick up the API and application keys from the environment (confirm for
    // the client version in use). Keep them out of source control.
    let mut configuration = datadog::Configuration::new();
    // The operation is flagged unstable by the client and must be enabled
    // explicitly, so its request/response shape may change between releases.
    configuration.set_unstable_operation_enabled("v2.RunHistoricalJob", true);
    let api = SecurityMonitoringAPI::with_config(configuration);

    // Both outcomes are written to stdout and main returns normally either way,
    // so a caller cannot tell failure from success by the exit status alone.
    match api.run_historical_job(body).await {
        Ok(value) => println!("{:#?}", value),
        Err(err) => println!("{:#?}", err),
    }
}