Skip to content

Commit 266e27b

Browse files
author
ci.datadog-api-spec
committed
Regenerate client from commit 752f866 of spec repo
1 parent 52bf42c commit 266e27b

File tree

21 files changed

+986
-1
lines changed

21 files changed

+986
-1
lines changed

.generator/schemas/v2/openapi.yaml

Lines changed: 115 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40874,6 +40874,8 @@ components:
4087440874
type: integer
4087540875
type:
4087640876
$ref: '#/components/schemas/ObservabilityPipelineBufferOptionsMemoryType'
40877+
when_full:
40878+
$ref: '#/components/schemas/ObservabilityPipelineBufferOptionsWhenFull'
4087740879
type: object
4087840880
ObservabilityPipelineMemoryBufferSizeOptions:
4087940881
description: Options for configuring a memory buffer by queue length.
@@ -40885,6 +40887,8 @@ components:
4088540887
type: integer
4088640888
type:
4088740889
$ref: '#/components/schemas/ObservabilityPipelineBufferOptionsMemoryType'
40890+
when_full:
40891+
$ref: '#/components/schemas/ObservabilityPipelineBufferOptionsWhenFull'
4088840892
type: object
4088940893
ObservabilityPipelineMetadataEntry:
4089040894
description: A custom metadata entry.
@@ -41113,6 +41117,7 @@ components:
4111341117
example: CloudTrail Account Change
4111441118
oneOf:
4111541119
- $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingLibrary'
41120+
- $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustom'
4111641121
ObservabilityPipelineOcsfMapperProcessorType:
4111741122
default: ocsf_mapper
4111841123
description: The processor type. The value should always be `ocsf_mapper`.
@@ -41122,6 +41127,116 @@ components:
4112241127
type: string
4112341128
x-enum-varnames:
4112441129
- OCSF_MAPPER
41130+
ObservabilityPipelineOcsfMappingCustom:
41131+
description: Custom OCSF mapping configuration for transforming logs.
41132+
properties:
41133+
mapping:
41134+
description: A list of field mapping rules for transforming log fields to
41135+
OCSF schema fields.
41136+
items:
41137+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomFieldMapping'
41138+
type: array
41139+
metadata:
41140+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomMetadata'
41141+
version:
41142+
description: The version of the custom mapping configuration.
41143+
example: 1
41144+
format: int64
41145+
type: integer
41146+
required:
41147+
- mapping
41148+
- metadata
41149+
- version
41150+
type: object
41151+
ObservabilityPipelineOcsfMappingCustomFieldMapping:
41152+
description: Defines a single field mapping rule for transforming a source field
41153+
to an OCSF destination field.
41154+
properties:
41155+
default:
41156+
description: The default value to use if the source field is missing or
41157+
empty.
41158+
example: ''
41159+
dest:
41160+
description: The destination OCSF field path.
41161+
example: device.type
41162+
type: string
41163+
lookup:
41164+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomLookup'
41165+
source:
41166+
description: The source field path from the log event.
41167+
example: host.type
41168+
sources:
41169+
description: Multiple source field paths for combined mapping.
41170+
example:
41171+
- field1
41172+
- field2
41173+
value:
41174+
description: A static value to use for the destination field.
41175+
example: static_value
41176+
required:
41177+
- dest
41178+
type: object
41179+
ObservabilityPipelineOcsfMappingCustomLookup:
41180+
description: Lookup table configuration for mapping source values to destination
41181+
values.
41182+
properties:
41183+
default:
41184+
description: The default value to use if no lookup match is found.
41185+
example: unknown
41186+
table:
41187+
description: A list of lookup table entries for value transformation.
41188+
items:
41189+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomLookupTableEntry'
41190+
type: array
41191+
type: object
41192+
ObservabilityPipelineOcsfMappingCustomLookupTableEntry:
41193+
description: A single entry in a lookup table for value transformation.
41194+
properties:
41195+
contains:
41196+
description: The substring to match in the source value.
41197+
example: Desktop
41198+
type: string
41199+
equals:
41200+
description: The exact value to match in the source.
41201+
example: desktop
41202+
equals_source:
41203+
description: The source field to match against.
41204+
example: device_type
41205+
type: string
41206+
matches:
41207+
description: A regex pattern to match in the source value.
41208+
example: ^Desktop.*
41209+
type: string
41210+
not_matches:
41211+
description: A regex pattern that must not match the source value.
41212+
example: ^Mobile.*
41213+
type: string
41214+
value:
41215+
description: The value to use when a match is found.
41216+
example: desktop
41217+
type: object
41218+
ObservabilityPipelineOcsfMappingCustomMetadata:
41219+
description: Metadata for the custom OCSF mapping.
41220+
properties:
41221+
class:
41222+
description: The OCSF event class name.
41223+
example: Device Inventory Info
41224+
type: string
41225+
profiles:
41226+
description: A list of OCSF profiles to apply.
41227+
example:
41228+
- container
41229+
items:
41230+
type: string
41231+
type: array
41232+
version:
41233+
description: The OCSF schema version.
41234+
example: 1.3.0
41235+
type: string
41236+
required:
41237+
- class
41238+
- version
41239+
type: object
4112541240
ObservabilityPipelineOcsfMappingLibrary:
4112641241
description: Predefined library mappings for common log formats.
4112741242
enum:

docs/datadog_api_client.v2.model.rst

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17742,6 +17742,41 @@ datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapper\_processor\_
1774217742
:members:
1774317743
:show-inheritance:
1774417744

17745+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom module
17746+
-----------------------------------------------------------------------------------
17747+
17748+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom
17749+
:members:
17750+
:show-inheritance:
17751+
17752+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_field\_mapping module
17753+
---------------------------------------------------------------------------------------------------
17754+
17755+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_field_mapping
17756+
:members:
17757+
:show-inheritance:
17758+
17759+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_lookup module
17760+
-------------------------------------------------------------------------------------------
17761+
17762+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup
17763+
:members:
17764+
:show-inheritance:
17765+
17766+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_lookup\_table\_entry module
17767+
---------------------------------------------------------------------------------------------------------
17768+
17769+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup_table_entry
17770+
:members:
17771+
:show-inheritance:
17772+
17773+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_metadata module
17774+
---------------------------------------------------------------------------------------------
17775+
17776+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_metadata
17777+
:members:
17778+
:show-inheritance:
17779+
1774517780
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_library module
1774617781
------------------------------------------------------------------------------------
1774717782

examples/v2/observability-pipelines/ValidatePipeline_3024756866.py

Lines changed: 140 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,140 @@
1+
"""
2+
Validate an observability pipeline with OCSF mapper custom mapping returns "OK" response
3+
"""
4+
5+
from datadog_api_client import ApiClient, Configuration
6+
from datadog_api_client.v2.api.observability_pipelines_api import ObservabilityPipelinesApi
7+
from datadog_api_client.v2.model.observability_pipeline_config import ObservabilityPipelineConfig
8+
from datadog_api_client.v2.model.observability_pipeline_config_processor_group import (
9+
ObservabilityPipelineConfigProcessorGroup,
10+
)
11+
from datadog_api_client.v2.model.observability_pipeline_data_attributes import ObservabilityPipelineDataAttributes
12+
from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source import (
13+
ObservabilityPipelineDatadogAgentSource,
14+
)
15+
from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source_type import (
16+
ObservabilityPipelineDatadogAgentSourceType,
17+
)
18+
from datadog_api_client.v2.model.observability_pipeline_datadog_logs_destination import (
19+
ObservabilityPipelineDatadogLogsDestination,
20+
)
21+
from datadog_api_client.v2.model.observability_pipeline_datadog_logs_destination_type import (
22+
ObservabilityPipelineDatadogLogsDestinationType,
23+
)
24+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor import (
25+
ObservabilityPipelineOcsfMapperProcessor,
26+
)
27+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor_mapping import (
28+
ObservabilityPipelineOcsfMapperProcessorMapping,
29+
)
30+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor_type import (
31+
ObservabilityPipelineOcsfMapperProcessorType,
32+
)
33+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom import (
34+
ObservabilityPipelineOcsfMappingCustom,
35+
)
36+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_field_mapping import (
37+
ObservabilityPipelineOcsfMappingCustomFieldMapping,
38+
)
39+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup import (
40+
ObservabilityPipelineOcsfMappingCustomLookup,
41+
)
42+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup_table_entry import (
43+
ObservabilityPipelineOcsfMappingCustomLookupTableEntry,
44+
)
45+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_metadata import (
46+
ObservabilityPipelineOcsfMappingCustomMetadata,
47+
)
48+
from datadog_api_client.v2.model.observability_pipeline_spec import ObservabilityPipelineSpec
49+
from datadog_api_client.v2.model.observability_pipeline_spec_data import ObservabilityPipelineSpecData
50+
51+
body = ObservabilityPipelineSpec(
52+
data=ObservabilityPipelineSpecData(
53+
attributes=ObservabilityPipelineDataAttributes(
54+
config=ObservabilityPipelineConfig(
55+
destinations=[
56+
ObservabilityPipelineDatadogLogsDestination(
57+
id="datadog-logs-destination",
58+
inputs=[
59+
"my-processor-group",
60+
],
61+
type=ObservabilityPipelineDatadogLogsDestinationType.DATADOG_LOGS,
62+
),
63+
],
64+
processor_groups=[
65+
ObservabilityPipelineConfigProcessorGroup(
66+
enabled=True,
67+
id="my-processor-group",
68+
include="service:my-service",
69+
inputs=[
70+
"datadog-agent-source",
71+
],
72+
processors=[
73+
ObservabilityPipelineOcsfMapperProcessor(
74+
enabled=True,
75+
id="ocsf-mapper-processor",
76+
include="service:my-service",
77+
type=ObservabilityPipelineOcsfMapperProcessorType.OCSF_MAPPER,
78+
mappings=[
79+
ObservabilityPipelineOcsfMapperProcessorMapping(
80+
include="source:custom",
81+
mapping=ObservabilityPipelineOcsfMappingCustom(
82+
version=1,
83+
metadata=ObservabilityPipelineOcsfMappingCustomMetadata(
84+
_class="Device Inventory Info",
85+
profiles=[
86+
"container",
87+
],
88+
version="1.3.0",
89+
),
90+
mapping=[
91+
ObservabilityPipelineOcsfMappingCustomFieldMapping(
92+
dest="time",
93+
source="timestamp",
94+
default="",
95+
),
96+
ObservabilityPipelineOcsfMappingCustomFieldMapping(
97+
dest="severity",
98+
source="level",
99+
default="",
100+
),
101+
ObservabilityPipelineOcsfMappingCustomFieldMapping(
102+
dest="device.type",
103+
source="host.type",
104+
default="",
105+
lookup=ObservabilityPipelineOcsfMappingCustomLookup(
106+
table=[
107+
ObservabilityPipelineOcsfMappingCustomLookupTableEntry(
108+
contains="Desktop",
109+
value="desktop",
110+
),
111+
],
112+
),
113+
),
114+
],
115+
),
116+
),
117+
],
118+
),
119+
],
120+
),
121+
],
122+
sources=[
123+
ObservabilityPipelineDatadogAgentSource(
124+
id="datadog-agent-source",
125+
type=ObservabilityPipelineDatadogAgentSourceType.DATADOG_AGENT,
126+
),
127+
],
128+
),
129+
name="OCSF Custom Mapper Pipeline",
130+
),
131+
type="pipelines",
132+
),
133+
)
134+
135+
configuration = Configuration()
136+
with ApiClient(configuration) as api_client:
137+
api_instance = ObservabilityPipelinesApi(api_client)
138+
response = api_instance.validate_pipeline(body=body)
139+
140+
print(response)

0 commit comments

Comments
 (0)