{
|
|
"name": "SearchSecuritySignals",
|
|
"fully_qualified_name": "DatadogApi.SearchSecuritySignals@0.1.0",
|
|
"description": "Retrieve security signals based on a search query.\n\nUse this tool to find security signals that match specific search criteria. Ideal for monitoring security alerts and potential threats.",
|
|
"toolkit": {
|
|
"name": "ArcadeDatadogApi",
|
|
"description": null,
|
|
"version": "0.1.0"
|
|
},
|
|
"input": {
|
|
"parameters": [
|
|
{
|
|
"name": "minimum_timestamp",
|
|
"required": false,
|
|
"description": "The minimum timestamp for requested security signals. Use ISO 8601 format, e.g., '2023-10-05T14:48:00Z'.",
|
|
"value_schema": {
|
|
"val_type": "string",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "The minimum timestamp for requested security signals."
|
|
},
|
|
"inferrable": true,
|
|
"http_endpoint_parameter_name": "filter.from"
|
|
},
|
|
{
|
|
"name": "search_query",
|
|
"required": false,
|
|
"description": "A string used to search and filter the security signals based on specific criteria.",
|
|
"value_schema": {
|
|
"val_type": "string",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "Search query for listing security signals."
|
|
},
|
|
"inferrable": true,
|
|
"http_endpoint_parameter_name": "filter.query"
|
|
},
|
|
{
|
|
"name": "maximum_timestamp_for_signals",
|
|
"required": false,
|
|
"description": "The latest date and time for security signals to be included in the search results. Use ISO 8601 format, e.g., '2019-01-03T09:42:36.320Z'.",
|
|
"value_schema": {
|
|
"val_type": "string",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "The maximum timestamp for requested security signals."
|
|
},
|
|
"inferrable": true,
|
|
"http_endpoint_parameter_name": "filter.to"
|
|
},
|
|
{
|
|
"name": "pagination_cursor",
|
|
"required": false,
|
|
"description": "The cursor to continue listing results from the previous query. Use it for paginating results.",
|
|
"value_schema": {
|
|
"val_type": "string",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "A list of results using the cursor provided in the previous query."
|
|
},
|
|
"inferrable": true,
|
|
"http_endpoint_parameter_name": "page.cursor"
|
|
},
|
|
{
|
|
"name": "maximum_signals_per_response",
|
|
"required": false,
|
|
"description": "The maximum number of security signals to return in the response. Defaults to 10; the API schema sets a maximum of 1000.",
|
|
"value_schema": {
|
|
"val_type": "integer",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "The maximum number of security signals in the response."
|
|
},
|
|
"inferrable": true,
|
|
"http_endpoint_parameter_name": "page.limit"
|
|
},
|
|
{
|
|
"name": "sort_order",
|
|
"required": false,
|
|
"description": "Specify how to sort the security signals. Use 'timestamp' for ascending and '-timestamp' for descending order.",
|
|
"value_schema": {
|
|
"val_type": "string",
|
|
"inner_val_type": null,
|
|
"enum": [
|
|
"timestamp",
|
|
"-timestamp"
|
|
],
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "The sort parameters used for querying security signals."
|
|
},
|
|
"inferrable": true,
|
|
"http_endpoint_parameter_name": "sort"
|
|
}
|
|
]
|
|
},
|
|
"output": {
|
|
"description": "Response from the API endpoint 'SearchSecurityMonitoringSignals'.",
|
|
"available_modes": [
|
|
"value",
|
|
"error",
|
|
"null"
|
|
],
|
|
"value_schema": {
|
|
"val_type": "json",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": null
|
|
}
|
|
},
|
|
"requirements": {
|
|
"authorization": null,
|
|
"secrets": [
|
|
{
|
|
"key": "DATADOG_API_KEY"
|
|
},
|
|
{
|
|
"key": "DATADOG_APPLICATION_KEY"
|
|
},
|
|
{
|
|
"key": "DATADOG_BASE_URL"
|
|
}
|
|
],
|
|
"metadata": null
|
|
},
|
|
"deprecation_message": null,
|
|
"metadata": {
|
|
"object_type": "api_wrapper_tool",
|
|
"version": "1.1.0",
|
|
"description": "Tools that enable LLMs to interact directly with the Datadog API."
|
|
},
|
|
"http_endpoint": {
|
|
"metadata": {
|
|
"object_type": "http_endpoint",
|
|
"version": "1.2.0",
|
|
"description": ""
|
|
},
|
|
"url": "https://{datadog_base_url}/api/v2/security_monitoring/signals/search",
|
|
"http_method": "POST",
|
|
"headers": {},
|
|
"parameters": [
|
|
{
|
|
"name": "filter.from",
|
|
"tool_parameter_name": "minimum_timestamp",
|
|
"description": "The minimum timestamp for requested security signals.",
|
|
"value_schema": {
|
|
"val_type": "string",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "The minimum timestamp for requested security signals."
|
|
},
|
|
"accepted_as": "body",
|
|
"required": false,
|
|
"deprecated": false,
|
|
"default": null,
|
|
"documentation_urls": []
|
|
},
|
|
{
|
|
"name": "filter.query",
|
|
"tool_parameter_name": "search_query",
|
|
"description": "Search query for listing security signals.",
|
|
"value_schema": {
|
|
"val_type": "string",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "Search query for listing security signals."
|
|
},
|
|
"accepted_as": "body",
|
|
"required": false,
|
|
"deprecated": false,
|
|
"default": null,
|
|
"documentation_urls": []
|
|
},
|
|
{
|
|
"name": "filter.to",
|
|
"tool_parameter_name": "maximum_timestamp_for_signals",
|
|
"description": "The maximum timestamp for requested security signals.",
|
|
"value_schema": {
|
|
"val_type": "string",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "The maximum timestamp for requested security signals."
|
|
},
|
|
"accepted_as": "body",
|
|
"required": false,
|
|
"deprecated": false,
|
|
"default": null,
|
|
"documentation_urls": []
|
|
},
|
|
{
|
|
"name": "page.cursor",
|
|
"tool_parameter_name": "pagination_cursor",
|
|
"description": "A list of results using the cursor provided in the previous query.",
|
|
"value_schema": {
|
|
"val_type": "string",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "A list of results using the cursor provided in the previous query."
|
|
},
|
|
"accepted_as": "body",
|
|
"required": false,
|
|
"deprecated": false,
|
|
"default": null,
|
|
"documentation_urls": []
|
|
},
|
|
{
|
|
"name": "page.limit",
|
|
"tool_parameter_name": "maximum_signals_per_response",
|
|
"description": "The maximum number of security signals in the response.",
|
|
"value_schema": {
|
|
"val_type": "integer",
|
|
"inner_val_type": null,
|
|
"enum": null,
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "The maximum number of security signals in the response."
|
|
},
|
|
"accepted_as": "body",
|
|
"required": false,
|
|
"deprecated": false,
|
|
"default": 10,
|
|
"documentation_urls": []
|
|
},
|
|
{
|
|
"name": "sort",
|
|
"tool_parameter_name": "sort_order",
|
|
"description": "The sort parameters used for querying security signals.",
|
|
"value_schema": {
|
|
"val_type": "string",
|
|
"inner_val_type": null,
|
|
"enum": [
|
|
"timestamp",
|
|
"-timestamp"
|
|
],
|
|
"properties": null,
|
|
"inner_properties": null,
|
|
"description": "The sort parameters used for querying security signals."
|
|
},
|
|
"accepted_as": "body",
|
|
"required": false,
|
|
"deprecated": false,
|
|
"default": null,
|
|
"documentation_urls": []
|
|
}
|
|
],
|
|
"documentation_urls": [],
|
|
"secrets": [
|
|
{
|
|
"arcade_key": "DATADOG_API_KEY",
|
|
"parameter_name": "DD-API-KEY",
|
|
"accepted_as": "header",
|
|
"formatted_value": null,
|
|
"description": "",
|
|
"is_auth_token": false
|
|
},
|
|
{
|
|
"arcade_key": "DATADOG_APPLICATION_KEY",
|
|
"parameter_name": "DD-APPLICATION-KEY",
|
|
"accepted_as": "header",
|
|
"formatted_value": null,
|
|
"description": "",
|
|
"is_auth_token": false
|
|
},
|
|
{
|
|
"arcade_key": "DATADOG_BASE_URL",
|
|
"parameter_name": "datadog_base_url",
|
|
"accepted_as": "path",
|
|
"formatted_value": null,
|
|
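"description": "Value substituted for {datadog_base_url} in the host position of the request URL (no scheme or path). The DD-API-KEY and DD-APPLICATION-KEY headers are sent to this host.",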
|
|
"is_auth_token": false
|
|
}
|
|
],
|
|
"request_body_spec": "{\n \"content\": {\n \"application/json\": {\n \"schema\": {\n \"description\": \"The request for a security signal list.\",\n \"properties\": {\n \"filter\": {\n \"description\": \"Search filters for listing security signals.\",\n \"properties\": {\n \"from\": {\n \"description\": \"The minimum timestamp for requested security signals.\",\n \"example\": \"2019-01-02T09:42:36.320Z\",\n \"format\": \"date-time\",\n \"type\": \"string\"\n },\n \"query\": {\n \"description\": \"Search query for listing security signals.\",\n \"example\": \"security:attack status:high\",\n \"type\": \"string\"\n },\n \"to\": {\n \"description\": \"The maximum timestamp for requested security signals.\",\n \"example\": \"2019-01-03T09:42:36.320Z\",\n \"format\": \"date-time\",\n \"type\": \"string\"\n }\n },\n \"type\": \"object\"\n },\n \"page\": {\n \"description\": \"The paging attributes for listing security signals.\",\n \"properties\": {\n \"cursor\": {\n \"description\": \"A list of results using the cursor provided in the previous query.\",\n \"example\": \"eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==\",\n \"type\": \"string\"\n },\n \"limit\": {\n \"default\": 10,\n \"description\": \"The maximum number of security signals in the response.\",\n \"example\": 25,\n \"format\": \"int32\",\n \"maximum\": 1000,\n \"type\": \"integer\"\n }\n },\n \"type\": \"object\"\n },\n \"sort\": {\n \"description\": \"The sort parameters used for querying security signals.\",\n \"enum\": [\n \"timestamp\",\n \"-timestamp\"\n ],\n \"type\": \"string\",\n \"x-enum-varnames\": [\n \"TIMESTAMP_ASCENDING\",\n \"TIMESTAMP_DESCENDING\"\n ]\n }\n },\n \"type\": \"object\"\n }\n }\n },\n \"required\": false\n}",
|
|
"use_request_body_schema_mode": false,
|
|
"validate_request_body_schema": false
|
|
}
|
|
}
|