Skip to content

Commit 90d1760

Browse files
author
ci.datadog-api-spec
committed
Regenerate client from commit 7208b4c of spec repo
1 parent 2703897 commit 90d1760

19 files changed

+954
-1
lines changed

.generator/schemas/v2/openapi.yaml

Lines changed: 111 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41365,6 +41365,7 @@ components:
4136541365
example: CloudTrail Account Change
4136641366
oneOf:
4136741367
- $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingLibrary'
41368+
- $ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustom'
4136841369
ObservabilityPipelineOcsfMapperProcessorType:
4136941370
default: ocsf_mapper
4137041371
description: The processor type. The value should always be `ocsf_mapper`.
@@ -41374,6 +41375,116 @@ components:
4137441375
type: string
4137541376
x-enum-varnames:
4137641377
- OCSF_MAPPER
41378+
ObservabilityPipelineOcsfMappingCustom:
41379+
description: Custom OCSF mapping configuration for transforming logs.
41380+
properties:
41381+
mapping:
41382+
description: A list of field mapping rules for transforming log fields to
41383+
OCSF schema fields.
41384+
items:
41385+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomFieldMapping'
41386+
type: array
41387+
metadata:
41388+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomMetadata'
41389+
version:
41390+
description: The version of the custom mapping configuration.
41391+
example: 1
41392+
format: int64
41393+
type: integer
41394+
required:
41395+
- mapping
41396+
- metadata
41397+
- version
41398+
type: object
41399+
ObservabilityPipelineOcsfMappingCustomFieldMapping:
41400+
description: Defines a single field mapping rule for transforming a source field
41401+
to an OCSF destination field.
41402+
properties:
41403+
default:
41404+
description: The default value to use if the source field is missing or
41405+
empty.
41406+
example: ''
41407+
dest:
41408+
description: The destination OCSF field path.
41409+
example: device.type
41410+
type: string
41411+
lookup:
41412+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomLookup'
41413+
source:
41414+
description: The source field path from the log event.
41415+
example: host.type
41416+
sources:
41417+
description: Multiple source field paths for combined mapping.
41418+
example:
41419+
- field1
41420+
- field2
41421+
value:
41422+
description: A static value to use for the destination field.
41423+
example: static_value
41424+
required:
41425+
- dest
41426+
type: object
41427+
ObservabilityPipelineOcsfMappingCustomLookup:
41428+
description: Lookup table configuration for mapping source values to destination
41429+
values.
41430+
properties:
41431+
default:
41432+
description: The default value to use if no lookup match is found.
41433+
example: unknown
41434+
table:
41435+
description: A list of lookup table entries for value transformation.
41436+
items:
41437+
$ref: '#/components/schemas/ObservabilityPipelineOcsfMappingCustomLookupTableEntry'
41438+
type: array
41439+
type: object
41440+
ObservabilityPipelineOcsfMappingCustomLookupTableEntry:
41441+
description: A single entry in a lookup table for value transformation.
41442+
properties:
41443+
contains:
41444+
description: The substring to match in the source value.
41445+
example: Desktop
41446+
type: string
41447+
equals:
41448+
description: The exact value to match in the source.
41449+
example: desktop
41450+
equals_source:
41451+
description: The source field to match against.
41452+
example: device_type
41453+
type: string
41454+
matches:
41455+
description: A regex pattern to match in the source value.
41456+
example: ^Desktop.*
41457+
type: string
41458+
not_matches:
41459+
description: A regex pattern that must not match the source value.
41460+
example: ^Mobile.*
41461+
type: string
41462+
value:
41463+
description: The value to use when a match is found.
41464+
example: desktop
41465+
type: object
41466+
ObservabilityPipelineOcsfMappingCustomMetadata:
41467+
description: Metadata for the custom OCSF mapping.
41468+
properties:
41469+
class:
41470+
description: The OCSF event class name.
41471+
example: Device Inventory Info
41472+
type: string
41473+
profiles:
41474+
description: A list of OCSF profiles to apply.
41475+
example:
41476+
- container
41477+
items:
41478+
type: string
41479+
type: array
41480+
version:
41481+
description: The OCSF schema version.
41482+
example: 1.3.0
41483+
type: string
41484+
required:
41485+
- class
41486+
- version
41487+
type: object
4137741488
ObservabilityPipelineOcsfMappingLibrary:
4137841489
description: Predefined library mappings for common log formats.
4137941490
enum:

docs/datadog_api_client.v2.model.rst

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17861,6 +17861,41 @@ datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapper\_processor\_
1786117861
:members:
1786217862
:show-inheritance:
1786317863

17864+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom module
17865+
-----------------------------------------------------------------------------------
17866+
17867+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom
17868+
:members:
17869+
:show-inheritance:
17870+
17871+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_field\_mapping module
17872+
---------------------------------------------------------------------------------------------------
17873+
17874+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_field_mapping
17875+
:members:
17876+
:show-inheritance:
17877+
17878+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_lookup module
17879+
-------------------------------------------------------------------------------------------
17880+
17881+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup
17882+
:members:
17883+
:show-inheritance:
17884+
17885+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_lookup\_table\_entry module
17886+
---------------------------------------------------------------------------------------------------------
17887+
17888+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup_table_entry
17889+
:members:
17890+
:show-inheritance:
17891+
17892+
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_custom\_metadata module
17893+
---------------------------------------------------------------------------------------------
17894+
17895+
.. automodule:: datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_metadata
17896+
:members:
17897+
:show-inheritance:
17898+
1786417899
datadog\_api\_client.v2.model.observability\_pipeline\_ocsf\_mapping\_library module
1786517900
------------------------------------------------------------------------------------
1786617901

examples/v2/observability-pipelines/ValidatePipeline_3024756866.py

Lines changed: 140 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,140 @@
1+
"""
2+
Validate an observability pipeline with OCSF mapper custom mapping returns "OK" response
3+
"""
4+
5+
from datadog_api_client import ApiClient, Configuration
6+
from datadog_api_client.v2.api.observability_pipelines_api import ObservabilityPipelinesApi
7+
from datadog_api_client.v2.model.observability_pipeline_config import ObservabilityPipelineConfig
8+
from datadog_api_client.v2.model.observability_pipeline_config_processor_group import (
9+
ObservabilityPipelineConfigProcessorGroup,
10+
)
11+
from datadog_api_client.v2.model.observability_pipeline_data_attributes import ObservabilityPipelineDataAttributes
12+
from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source import (
13+
ObservabilityPipelineDatadogAgentSource,
14+
)
15+
from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source_type import (
16+
ObservabilityPipelineDatadogAgentSourceType,
17+
)
18+
from datadog_api_client.v2.model.observability_pipeline_datadog_logs_destination import (
19+
ObservabilityPipelineDatadogLogsDestination,
20+
)
21+
from datadog_api_client.v2.model.observability_pipeline_datadog_logs_destination_type import (
22+
ObservabilityPipelineDatadogLogsDestinationType,
23+
)
24+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor import (
25+
ObservabilityPipelineOcsfMapperProcessor,
26+
)
27+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor_mapping import (
28+
ObservabilityPipelineOcsfMapperProcessorMapping,
29+
)
30+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor_type import (
31+
ObservabilityPipelineOcsfMapperProcessorType,
32+
)
33+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom import (
34+
ObservabilityPipelineOcsfMappingCustom,
35+
)
36+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_field_mapping import (
37+
ObservabilityPipelineOcsfMappingCustomFieldMapping,
38+
)
39+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup import (
40+
ObservabilityPipelineOcsfMappingCustomLookup,
41+
)
42+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_lookup_table_entry import (
43+
ObservabilityPipelineOcsfMappingCustomLookupTableEntry,
44+
)
45+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapping_custom_metadata import (
46+
ObservabilityPipelineOcsfMappingCustomMetadata,
47+
)
48+
from datadog_api_client.v2.model.observability_pipeline_spec import ObservabilityPipelineSpec
49+
from datadog_api_client.v2.model.observability_pipeline_spec_data import ObservabilityPipelineSpecData
50+
51+
body = ObservabilityPipelineSpec(
52+
data=ObservabilityPipelineSpecData(
53+
attributes=ObservabilityPipelineDataAttributes(
54+
config=ObservabilityPipelineConfig(
55+
destinations=[
56+
ObservabilityPipelineDatadogLogsDestination(
57+
id="datadog-logs-destination",
58+
inputs=[
59+
"my-processor-group",
60+
],
61+
type=ObservabilityPipelineDatadogLogsDestinationType.DATADOG_LOGS,
62+
),
63+
],
64+
processor_groups=[
65+
ObservabilityPipelineConfigProcessorGroup(
66+
enabled=True,
67+
id="my-processor-group",
68+
include="service:my-service",
69+
inputs=[
70+
"datadog-agent-source",
71+
],
72+
processors=[
73+
ObservabilityPipelineOcsfMapperProcessor(
74+
enabled=True,
75+
id="ocsf-mapper-processor",
76+
include="service:my-service",
77+
type=ObservabilityPipelineOcsfMapperProcessorType.OCSF_MAPPER,
78+
mappings=[
79+
ObservabilityPipelineOcsfMapperProcessorMapping(
80+
include="source:custom",
81+
mapping=ObservabilityPipelineOcsfMappingCustom(
82+
version=1,
83+
metadata=ObservabilityPipelineOcsfMappingCustomMetadata(
84+
_class="Device Inventory Info",
85+
profiles=[
86+
"container",
87+
],
88+
version="1.3.0",
89+
),
90+
mapping=[
91+
ObservabilityPipelineOcsfMappingCustomFieldMapping(
92+
dest="time",
93+
source="timestamp",
94+
default="",
95+
),
96+
ObservabilityPipelineOcsfMappingCustomFieldMapping(
97+
dest="severity",
98+
source="level",
99+
default="",
100+
),
101+
ObservabilityPipelineOcsfMappingCustomFieldMapping(
102+
dest="device.type",
103+
source="host.type",
104+
default="",
105+
lookup=ObservabilityPipelineOcsfMappingCustomLookup(
106+
table=[
107+
ObservabilityPipelineOcsfMappingCustomLookupTableEntry(
108+
contains="Desktop",
109+
value="desktop",
110+
),
111+
],
112+
),
113+
),
114+
],
115+
),
116+
),
117+
],
118+
),
119+
],
120+
),
121+
],
122+
sources=[
123+
ObservabilityPipelineDatadogAgentSource(
124+
id="datadog-agent-source",
125+
type=ObservabilityPipelineDatadogAgentSourceType.DATADOG_AGENT,
126+
),
127+
],
128+
),
129+
name="OCSF Custom Mapper Pipeline",
130+
),
131+
type="pipelines",
132+
),
133+
)
134+
135+
configuration = Configuration()
136+
with ApiClient(configuration) as api_client:
137+
api_instance = ObservabilityPipelinesApi(api_client)
138+
response = api_instance.validate_pipeline(body=body)
139+
140+
print(response)

examples/v2/observability-pipelines/ValidatePipeline_3565101276.py

Lines changed: 91 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,91 @@
1+
"""
2+
Validate an observability pipeline with OCSF mapper library mapping returns "OK" response
3+
"""
4+
5+
from datadog_api_client import ApiClient, Configuration
6+
from datadog_api_client.v2.api.observability_pipelines_api import ObservabilityPipelinesApi
7+
from datadog_api_client.v2.model.observability_pipeline_config import ObservabilityPipelineConfig
8+
from datadog_api_client.v2.model.observability_pipeline_config_processor_group import (
9+
ObservabilityPipelineConfigProcessorGroup,
10+
)
11+
from datadog_api_client.v2.model.observability_pipeline_data_attributes import ObservabilityPipelineDataAttributes
12+
from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source import (
13+
ObservabilityPipelineDatadogAgentSource,
14+
)
15+
from datadog_api_client.v2.model.observability_pipeline_datadog_agent_source_type import (
16+
ObservabilityPipelineDatadogAgentSourceType,
17+
)
18+
from datadog_api_client.v2.model.observability_pipeline_datadog_logs_destination import (
19+
ObservabilityPipelineDatadogLogsDestination,
20+
)
21+
from datadog_api_client.v2.model.observability_pipeline_datadog_logs_destination_type import (
22+
ObservabilityPipelineDatadogLogsDestinationType,
23+
)
24+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor import (
25+
ObservabilityPipelineOcsfMapperProcessor,
26+
)
27+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor_mapping import (
28+
ObservabilityPipelineOcsfMapperProcessorMapping,
29+
)
30+
from datadog_api_client.v2.model.observability_pipeline_ocsf_mapper_processor_type import (
31+
ObservabilityPipelineOcsfMapperProcessorType,
32+
)
33+
from datadog_api_client.v2.model.observability_pipeline_spec import ObservabilityPipelineSpec
34+
from datadog_api_client.v2.model.observability_pipeline_spec_data import ObservabilityPipelineSpecData
35+
36+
body = ObservabilityPipelineSpec(
37+
data=ObservabilityPipelineSpecData(
38+
attributes=ObservabilityPipelineDataAttributes(
39+
config=ObservabilityPipelineConfig(
40+
destinations=[
41+
ObservabilityPipelineDatadogLogsDestination(
42+
id="datadog-logs-destination",
43+
inputs=[
44+
"my-processor-group",
45+
],
46+
type=ObservabilityPipelineDatadogLogsDestinationType.DATADOG_LOGS,
47+
),
48+
],
49+
processor_groups=[
50+
ObservabilityPipelineConfigProcessorGroup(
51+
enabled=True,
52+
id="my-processor-group",
53+
include="service:my-service",
54+
inputs=[
55+
"datadog-agent-source",
56+
],
57+
processors=[
58+
ObservabilityPipelineOcsfMapperProcessor(
59+
enabled=True,
60+
id="ocsf-mapper-processor",
61+
include="service:my-service",
62+
type=ObservabilityPipelineOcsfMapperProcessorType.OCSF_MAPPER,
63+
mappings=[
64+
ObservabilityPipelineOcsfMapperProcessorMapping(
65+
include="source:cloudtrail",
66+
mapping="CloudTrail Account Change",
67+
),
68+
],
69+
),
70+
],
71+
),
72+
],
73+
sources=[
74+
ObservabilityPipelineDatadogAgentSource(
75+
id="datadog-agent-source",
76+
type=ObservabilityPipelineDatadogAgentSourceType.DATADOG_AGENT,
77+
),
78+
],
79+
),
80+
name="OCSF Mapper Pipeline",
81+
),
82+
type="pipelines",
83+
),
84+
)
85+
86+
configuration = Configuration()
87+
with ApiClient(configuration) as api_client:
88+
api_instance = ObservabilityPipelinesApi(api_client)
89+
response = api_instance.validate_pipeline(body=body)
90+
91+
print(response)

0 commit comments

Comments
 (0)