Skip to content

Commit dade0b9

Browse files
author
ci.datadog-api-spec
committed
Regenerate client from commit 09513e2 of spec repo
1 parent 072e71e commit dade0b9

19 files changed

+954
-1
lines changed

.generator/schemas/v2/openapi.yaml

Lines changed: 111 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41346,6 +41346,7 @@ components:
4134641346
example: CloudTrail Account Change
4134741347
oneOf:
4134841348
- $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingLibrary'
41349+
- $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustom'
4134941350
ObservabilityPipelineOcsfMapperProcessorType:
4135041351
default: ocsf_mapper
4135141352
description: The processor type. The value should always be `ocsf_mapper`.
@@ -41355,6 +41356,116 @@ components:
4135541356
type: string
4135641357
x-enum-varnames:
4135741358
- OCSF_MAPPER
41359+
ObservabilityPipelineOcsfMappingCustom:
41360+
description: Custom OCSF mapping configuration for transforming logs.
41361+
properties:
41362+
mapping:
41363+
description: A list of field mapping rules for transforming log fields to
41364+
OCSF schema fields.
41365+
items:
41366+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomFieldMapping'
41367+
type: array
41368+
metadata:
41369+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomMetadata'
41370+
version:
41371+
description: The version of the custom mapping configuration.
41372+
example: 1
41373+
format: int64
41374+
type: integer
41375+
required:
41376+
- mapping
41377+
- metadata
41378+
- version
41379+
type: object
41380+
ObservabilityPipelineOcsfMappingCustomFieldMapping:
41381+
description: Defines a single field mapping rule for transforming a source field
41382+
to an OCSF destination field.
41383+
properties:
41384+
default:
41385+
description: The default value to use if the source field is missing or
41386+
empty.
41387+
example: ''
41388+
dest:
41389+
description: The destination OCSF field path.
41390+
example: device.type
41391+
type: string
41392+
lookup:
41393+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomLookup'
41394+
source:
41395+
description: The source field path from the log event.
41396+
example: host.type
41397+
sources:
41398+
description: Multiple source field paths for combined mapping.
41399+
example:
41400+
- field1
41401+
- field2
41402+
value:
41403+
description: A static value to use for the destination field.
41404+
example: static_value
41405+
required:
41406+
- dest
41407+
type: object
41408+
ObservabilityPipelineOcsfMappingCustomLookup:
41409+
description: Lookup table configuration for mapping source values to destination
41410+
values.
41411+
properties:
41412+
default:
41413+
description: The default value to use if no lookup match is found.
41414+
example: unknown
41415+
table:
41416+
description: A list of lookup table entries for value transformation.
41417+
items:
41418+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomLookupTableEntry'
41419+
type: array
41420+
type: object
41421+
ObservabilityPipelineOcsfMappingCustomLookupTableEntry:
41422+
description: A single entry in a lookup table for value transformation.
41423+
properties:
41424+
contains:
41425+
description: The substring to match in the source value.
41426+
example: Desktop
41427+
type: string
41428+
equals:
41429+
description: The exact value to match in the source.
41430+
example: desktop
41431+
equals_source:
41432+
description: The source field to match against.
41433+
example: device_type
41434+
type: string
41435+
matches:
41436+
description: A regex pattern to match in the source value.
41437+
example: ^Desktop.*
41438+
type: string
41439+
not_matches:
41440+
description: A regex pattern that must not match the source value.
41441+
example: ^Mobile.*
41442+
type: string
41443+
value:
41444+
description: The value to use when a match is found.
41445+
example: desktop
41446+
type: object
41447+
ObservabilityPipelineOcsfMappingCustomMetadata:
41448+
description: Metadata for the custom OCSF mapping.
41449+
properties:
41450+
class:
41451+
description: The OCSF event class name.
41452+
example: Device Inventory Info
41453+
type: string
41454+
profiles:
41455+
description: A list of OCSF profiles to apply.
41456+
example:
41457+
- container
41458+
items:
41459+
type: string
41460+
type: array
41461+
version:
41462+
description: The OCSF schema version.
41463+
example: 1.3.0
41464+
type: string
41465+
required:
41466+
- class
41467+
- version
41468+
type: object
4135841469
ObservabilityPipelineOcsfMappingLibrary:
4135941470
description: Predefined library mappings for common log formats.
4136041471
enum:

docs/datadog_api_client.v2.model.rst

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17847,6 +17847,41 @@ datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapper\_processor\_
1784717847
:members:
1784817848
:show-inheritance:
1784917849

17850+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom module
17851+
-----------------------------------------------------------------------------------
17852+
17853+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom
17854+
:members:
17855+
:show-inheritance:
17856+
17857+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_field\_mapping module
17858+
---------------------------------------------------------------------------------------------------
17859+
17860+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_field_mapping
17861+
:members:
17862+
:show-inheritance:
17863+
17864+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_lookup module
17865+
-------------------------------------------------------------------------------------------
17866+
17867+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup
17868+
:members:
17869+
:show-inheritance:
17870+
17871+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_lookup\_table\_entry module
17872+
---------------------------------------------------------------------------------------------------------
17873+
17874+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup_table_entry
17875+
:members:
17876+
:show-inheritance:
17877+
17878+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_metadata module
17879+
---------------------------------------------------------------------------------------------
17880+
17881+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_metadata
17882+
:members:
17883+
:show-inheritance:
17884+
1785017885
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_library module
1785117886
------------------------------------------------------------------------------------
1785217887

examples/v2/observability-pipelines/ValidatePipeline_3024756866.py

Lines changed: 140 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,140 @@
1+
"""
2+
Validate an observability pipeline with OCSF mapper custom mapping returns "OK" response
3+
"""
4+
5+
from datadog_api_client import ApiClient, Configuration
6+
from datadog_api_client.v2.api.observability_pipelines_api import ObservabilityPipelinesApi
7+
from datadog_api_client.v2.model.observability_pipeline_config import ObservabilityPipelineConfig
8+
from datadog_api_client.v2.model.observability_pipeline_config_processor_group import (
9+
ObservabilityPipelineConfigProcessorGroup,
10+
)
11+
from datadog_api_client.v2.model.observability_pipeline_data_attributes import ObservabilityPipelineDataAttributes
12+
from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source import (
13+
ObservabilityPipelineDatadogAgentSource,
14+
)
15+
from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source_type import (
16+
ObservabilityPipelineDatadogAgentSourceType,
17+
)
18+
from datadog_api_client.v2.model.observability_pipeline_datadog_logs_destination import (
19+
ObservabilityPipelineDatadogLogsDestination,
20+
)
21+
from datadog_api_client.v2.model.observability_pipeline_datadog_logs_destination_type import (
22+
ObservabilityPipelineDatadogLogsDestinationType,
23+
)
24+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor import (
25+
ObservabilityPipelineOcsfMapperProcessor,
26+
)
27+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor_mapping import (
28+
ObservabilityPipelineOcsfMapperProcessorMapping,
29+
)
30+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor_type import (
31+
ObservabilityPipelineOcsfMapperProcessorType,
32+
)
33+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom import (
34+
ObservabilityPipelineOcsfMappingCustom,
35+
)
36+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_field_mapping import (
37+
ObservabilityPipelineOcsfMappingCustomFieldMapping,
38+
)
39+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup import (
40+
ObservabilityPipelineOcsfMappingCustomLookup,
41+
)
42+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup_table_entry import (
43+
ObservabilityPipelineOcsfMappingCustomLookupTableEntry,
44+
)
45+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_metadata import (
46+
ObservabilityPipelineOcsfMappingCustomMetadata,
47+
)
48+
from datadog_api_client.v2.model.observability_pipeline_spec import ObservabilityPipelineSpec
49+
from datadog_api_client.v2.model.observability_pipeline_spec_data import ObservabilityPipelineSpecData
50+
51+
body = ObservabilityPipelineSpec(
52+
data=ObservabilityPipelineSpecData(
53+
attributes=ObservabilityPipelineDataAttributes(
54+
config=ObservabilityPipelineConfig(
55+
destinations=[
56+
ObservabilityPipelineDatadogLogsDestination(
57+
id="datadog-logs-destination",
58+
inputs=[
59+
"my-processor-group",
60+
],
61+
type=ObservabilityPipelineDatadogLogsDestinationType.DATADOG_LOGS,
62+
),
63+
],
64+
processor_groups=[
65+
ObservabilityPipelineConfigProcessorGroup(
66+
enabled=True,
67+
id="my-processor-group",
68+
include="service:my-service",
69+
inputs=[
70+
"datadog-agent-source",
71+
],
72+
processors=[
73+
ObservabilityPipelineOcsfMapperProcessor(
74+
enabled=True,
75+
id="ocsf-mapper-processor",
76+
include="service:my-service",
77+
type=ObservabilityPipelineOcsfMapperProcessorType.OCSF_MAPPER,
78+
mappings=[
79+
ObservabilityPipelineOcsfMapperProcessorMapping(
80+
include="source:custom",
81+
mapping=ObservabilityPipelineOcsfMappingCustom(
82+
version=1,
83+
metadata=ObservabilityPipelineOcsfMappingCustomMetadata(
84+
_class="Device Inventory Info",
85+
profiles=[
86+
"container",
87+
],
88+
version="1.3.0",
89+
),
90+
mapping=[
91+
ObservabilityPipelineOcsfMappingCustomFieldMapping(
92+
dest="time",
93+
source="timestamp",
94+
default="",
95+
),
96+
ObservabilityPipelineOcsfMappingCustomFieldMapping(
97+
dest="severity",
98+
source="level",
99+
default="",
100+
),
101+
ObservabilityPipelineOcsfMappingCustomFieldMapping(
102+
dest="device.type",
103+
source="host.type",
104+
default="",
105+
lookup=ObservabilityPipelineOcsfMappingCustomLookup(
106+
table=[
107+
ObservabilityPipelineOcsfMappingCustomLookupTableEntry(
108+
contains="Desktop",
109+
value="desktop",
110+
),
111+
],
112+
),
113+
),
114+
],
115+
),
116+
),
117+
],
118+
),
119+
],
120+
),
121+
],
122+
sources=[
123+
ObservabilityPipelineDatadogAgentSource(
124+
id="datadog-agent-source",
125+
type=ObservabilityPipelineDatadogAgentSourceType.DATADOG_AGENT,
126+
),
127+
],
128+
),
129+
name="OCSF Custom Mapper Pipeline",
130+
),
131+
type="pipelines",
132+
),
133+
)
134+
135+
configuration = Configuration()
136+
with ApiClient(configuration) as api_client:
137+
api_instance = ObservabilityPipelinesApi(api_client)
138+
response = api_instance.validate_pipeline(body=body)
139+
140+
print(response)

examples/v2/observability-pipelines/ValidatePipeline_3565101276.py

Lines changed: 91 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,91 @@
1+
"""
2+
Validate an observability pipeline with OCSF mapper library mapping returns "OK" response
3+
"""
4+
5+
from datadog_api_client import ApiClient, Configuration
6+
from datadog_api_client.v2.api.observability_pipelines_api import ObservabilityPipelinesApi
7+
from datadog_api_client.v2.model.observability_pipeline_config import ObservabilityPipelineConfig
8+
from datadog_api_client.v2.model.observability_pipeline_config_processor_group import (
9+
ObservabilityPipelineConfigProcessorGroup,
10+
)
11+
from datadog_api_client.v2.model.observability_pipeline_data_attributes import ObservabilityPipelineDataAttributes
12+
from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source import (
13+
ObservabilityPipelineDatadogAgentSource,
14+
)
15+
from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source_type import (
16+
ObservabilityPipelineDatadogAgentSourceType,
17+
)
18+
from datadog_api_client.v2.model.observability_pipeline_datadog_logs_destination import (
19+
ObservabilityPipelineDatadogLogsDestination,
20+
)
21+
from datadog_api_client.v2.model.observability_pipeline_datadog_logs_destination_type import (
22+
ObservabilityPipelineDatadogLogsDestinationType,
23+
)
24+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor import (
25+
ObservabilityPipelineOcsfMapperProcessor,
26+
)
27+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor_mapping import (
28+
ObservabilityPipelineOcsfMapperProcessorMapping,
29+
)
30+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor_type import (
31+
ObservabilityPipelineOcsfMapperProcessorType,
32+
)
33+
from datadog_api_client.v2.model.observability_pipeline_spec import ObservabilityPipelineSpec
34+
from datadog_api_client.v2.model.observability_pipeline_spec_data import ObservabilityPipelineSpecData
35+
36+
body = ObservabilityPipelineSpec(
37+
data=ObservabilityPipelineSpecData(
38+
attributes=ObservabilityPipelineDataAttributes(
39+
config=ObservabilityPipelineConfig(
40+
destinations=[
41+
ObservabilityPipelineDatadogLogsDestination(
42+
id="datadog-logs-destination",
43+
inputs=[
44+
"my-processor-group",
45+
],
46+
type=ObservabilityPipelineDatadogLogsDestinationType.DATADOG_LOGS,
47+
),
48+
],
49+
processor_groups=[
50+
ObservabilityPipelineConfigProcessorGroup(
51+
enabled=True,
52+
id="my-processor-group",
53+
include="service:my-service",
54+
inputs=[
55+
"datadog-agent-source",
56+
],
57+
processors=[
58+
ObservabilityPipelineOcsfMapperProcessor(
59+
enabled=True,
60+
id="ocsf-mapper-processor",
61+
include="service:my-service",
62+
type=ObservabilityPipelineOcsfMapperProcessorType.OCSF_MAPPER,
63+
mappings=[
64+
ObservabilityPipelineOcsfMapperProcessorMapping(
65+
include="source:cloudtrail",
66+
mapping="CloudTrail Account Change",
67+
),
68+
],
69+
),
70+
],
71+
),
72+
],
73+
sources=[
74+
ObservabilityPipelineDatadogAgentSource(
75+
id="datadog-agent-source",
76+
type=ObservabilityPipelineDatadogAgentSourceType.DATADOG_AGENT,
77+
),
78+
],
79+
),
80+
name="OCSF Mapper Pipeline",
81+
),
82+
type="pipelines",
83+
),
84+
)
85+
86+
configuration = Configuration()
87+
with ApiClient(configuration) as api_client:
88+
api_instance = ObservabilityPipelinesApi(api_client)
89+
response = api_instance.validate_pipeline(body=body)
90+
91+
print(response)

0 commit comments

Comments
 (0)