Application Security

Datadog Application Security provides protection against application-level attacks that aim to exploit code-level vulnerabilities, such as Server-Side-Request-Forgery (SSRF), SQL injection, Log4Shell, and Reflected Cross-Site-Scripting (XSS). You can monitor and protect apps hosted directly on a server, Docker, Kubernetes, Amazon ECS, and (for supported languages) AWS Fargate.

Get a WAF exclusion filter

v2 (latest)

GET https://api.ap1.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.ap2.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.datadoghq.eu/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.ddog-gov.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.us3.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}

Overview

Retrieve a specific WAF exclusion filter using its identifier. This endpoint requires the appsec_protect_read permission.

Arguments

Path Parameters

Name

Type

Description

exclusion_filter_id [required]

string

The identifier of the WAF exclusion filter.

Response

Response object for a single WAF exclusion filter.

Expand All

Field

Type

Description

data

object

A JSON:API resource for an WAF exclusion filter.

{   "data": {     "attributes": {       "description": "Exclude false positives on a path",       "enabled": true,       "event_query": "string",       "ip_list": [         "198.51.100.72"       ],       "metadata": {         "added_at": "2019-09-19T10:00:00.000Z",         "added_by": "string",         "added_by_name": "string",         "modified_at": "2019-09-19T10:00:00.000Z",         "modified_by": "string",         "modified_by_name": "string"       },       "on_match": "string",       "parameters": [         "list.search.query"       ],       "path_glob": "/accounts/*",       "rules_target": [         {           "rule_id": "dog-913-009",           "tags": {             "category": "attack_attempt",             "type": "lfi"           }         }       ],       "scope": [         {           "env": "www",           "service": "prod"         }       ],       "search_query": "string"     },     "id": "3dd-0uc-h1s",     "type": "exclusion_filter"   } }

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Code Example

                   # Path parameters
export exclusion_filter_id="3b5-v82-ns6"
# Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/${exclusion_filter_id}" \ -H "Accept: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}"
                 

""" Get a WAF exclusion filter returns "OK" response """  from os import environ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi  # there is a valid "exclusion_filter" in the system EXCLUSION_FILTER_DATA_ID = environ["EXCLUSION_FILTER_DATA_ID"]  configuration = Configuration() with ApiClient(configuration) as api_client:     api_instance = ApplicationSecurityApi(api_client)     response = api_instance.get_application_security_waf_exclusion_filter(         exclusion_filter_id=EXCLUSION_FILTER_DATA_ID,     )      print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# Get a WAF exclusion filter returns "OK" response  require "datadog_api_client" api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new  # there is a valid "exclusion_filter" in the system EXCLUSION_FILTER_DATA_ID = ENV["EXCLUSION_FILTER_DATA_ID"] p api_instance.get_application_security_waf_exclusion_filter(EXCLUSION_FILTER_DATA_ID)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// Get a WAF exclusion filter returns "OK" response  package main  import ( 	"context" 	"encoding/json" 	"fmt" 	"os"  	"github.com/DataDog/datadog-api-client-go/v2/api/datadog" 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" )  func main() { 	// there is a valid "exclusion_filter" in the system 	ExclusionFilterDataID := os.Getenv("EXCLUSION_FILTER_DATA_ID")  	ctx := datadog.NewDefaultContext(context.Background()) 	configuration := datadog.NewConfiguration() 	apiClient := datadog.NewAPIClient(configuration) 	api := datadogV2.NewApplicationSecurityApi(apiClient) 	resp, r, err := api.GetApplicationSecurityWafExclusionFilter(ctx, ExclusionFilterDataID)  	if err != nil { 		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.GetApplicationSecurityWafExclusionFilter`: %v\n", err) 		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) 	}  	responseContent, _ := json.MarshalIndent(resp, "", "  ") 	fmt.Fprintf(os.Stdout, "Response from `ApplicationSecurityApi.GetApplicationSecurityWafExclusionFilter`:\n%s\n", responseContent) }

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// Get a WAF exclusion filter returns "OK" response  import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ApplicationSecurityApi; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterResponse;  public class Example {   public static void main(String[] args) {     ApiClient defaultClient = ApiClient.getDefaultApiClient();     ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);      // there is a valid "exclusion_filter" in the system     String EXCLUSION_FILTER_DATA_ID = System.getenv("EXCLUSION_FILTER_DATA_ID");      try {       ApplicationSecurityWafExclusionFilterResponse result =           apiInstance.getApplicationSecurityWafExclusionFilter(EXCLUSION_FILTER_DATA_ID);       System.out.println(result);     } catch (ApiException e) {       System.err.println(           "Exception when calling ApplicationSecurityApi#getApplicationSecurityWafExclusionFilter");       System.err.println("Status code: " + e.getCode());       System.err.println("Reason: " + e.getResponseBody());       System.err.println("Response headers: " + e.getResponseHeaders());       e.printStackTrace();     }   } }

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

// Get a WAF exclusion filter returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI;  #[tokio::main] async fn main() {     // there is a valid "exclusion_filter" in the system     let exclusion_filter_data_id = std::env::var("EXCLUSION_FILTER_DATA_ID").unwrap();     let configuration = datadog::Configuration::new();     let api = ApplicationSecurityAPI::with_config(configuration);     let resp = api         .get_application_security_waf_exclusion_filter(exclusion_filter_data_id.clone())         .await;     if let Ok(value) = resp {         println!("{:#?}", value);     } else {         println!("{:#?}", resp.unwrap_err());     } }

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**  * Get a WAF exclusion filter returns "OK" response  */  import { client, v2 } from "@datadog/datadog-api-client";  const configuration = client.createConfiguration(); const apiInstance = new v2.ApplicationSecurityApi(configuration);  // there is a valid "exclusion_filter" in the system const EXCLUSION_FILTER_DATA_ID = process.env.EXCLUSION_FILTER_DATA_ID as string;  const params: v2.ApplicationSecurityApiGetApplicationSecurityWafExclusionFilterRequest =   {     exclusionFilterId: EXCLUSION_FILTER_DATA_ID,   };  apiInstance   .getApplicationSecurityWafExclusionFilter(params)   .then((data: v2.ApplicationSecurityWafExclusionFilterResponse) => {     console.log(       "API called successfully. Returned data: " + JSON.stringify(data)     );   })   .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

Create a WAF exclusion filter

v2 (latest)

POST https://api.ap1.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.ap2.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.datadoghq.eu/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.ddog-gov.com/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.us3.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters

Overview

Create a new WAF exclusion filter with the given parameters.

A request matched by an exclusion filter will be ignored by the Application Security WAF product. Go to https://app.datadoghq.com/security/appsec/passlist to review existing exclusion filters (also called passlist entries).

This endpoint requires the appsec_protect_write permission.

Request

Body Data (required)

The definition of the new WAF exclusion filter.

Expand All

Field

Type

Description

data [required]

object

Object for creating a single WAF exclusion filter.

{   "data": {     "attributes": {       "description": "Exclude false positives on a path",       "enabled": true,       "parameters": [         "list.search.query"       ],       "path_glob": "/accounts/*",       "rules_target": [         {           "tags": {             "category": "attack_attempt",             "type": "lfi"           }         }       ],       "scope": [         {           "env": "www",           "service": "prod"         }       ]     },     "type": "exclusion_filter"   } }

Response

Response object for a single WAF exclusion filter.

Expand All

Field

Type

Description

data

object

A JSON:API resource for an WAF exclusion filter.

{   "data": {     "attributes": {       "description": "Exclude false positives on a path",       "enabled": true,       "event_query": "string",       "ip_list": [         "198.51.100.72"       ],       "metadata": {         "added_at": "2019-09-19T10:00:00.000Z",         "added_by": "string",         "added_by_name": "string",         "modified_at": "2019-09-19T10:00:00.000Z",         "modified_by": "string",         "modified_by_name": "string"       },       "on_match": "string",       "parameters": [         "list.search.query"       ],       "path_glob": "/accounts/*",       "rules_target": [         {           "rule_id": "dog-913-009",           "tags": {             "category": "attack_attempt",             "type": "lfi"           }         }       ],       "scope": [         {           "env": "www",           "service": "prod"         }       ],       "search_query": "string"     },     "id": "3dd-0uc-h1s",     "type": "exclusion_filter"   } }

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Concurrent Modification

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Code Example

                           # Curl command
curl -X POST "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \ -d @- << EOF {   "data": {     "attributes": {       "description": "Exclude false positives on a path",       "enabled": true,       "parameters": [         "list.search.query"       ],       "path_glob": "/accounts/*",       "rules_target": [         {           "tags": {             "category": "attack_attempt",             "type": "lfi"           }         }       ],       "scope": [         {           "env": "www",           "service": "prod"         }       ]     },     "type": "exclusion_filter"   } } EOF
                         

// Create a WAF exclusion filter returns "OK" response  package main  import ( 	"context" 	"encoding/json" 	"fmt" 	"os"  	"github.com/DataDog/datadog-api-client-go/v2/api/datadog" 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" )  func main() { 	body := datadogV2.ApplicationSecurityWafExclusionFilterCreateRequest{ 		Data: datadogV2.ApplicationSecurityWafExclusionFilterCreateData{ 			Attributes: datadogV2.ApplicationSecurityWafExclusionFilterCreateAttributes{ 				Description: "Exclude false positives on a path", 				Enabled:     true, 				Parameters: []string{ 					"list.search.query", 				}, 				PathGlob: datadog.PtrString("/accounts/*"), 				RulesTarget: []datadogV2.ApplicationSecurityWafExclusionFilterRulesTarget{ 					{ 						Tags: &datadogV2.ApplicationSecurityWafExclusionFilterRulesTargetTags{ 							Category: datadog.PtrString("attack_attempt"), 							Type:     datadog.PtrString("lfi"), 						}, 					}, 				}, 				Scope: []datadogV2.ApplicationSecurityWafExclusionFilterScope{ 					{ 						Env:     datadog.PtrString("www"), 						Service: datadog.PtrString("prod"), 					}, 				}, 			}, 			Type: datadogV2.APPLICATIONSECURITYWAFEXCLUSIONFILTERTYPE_EXCLUSION_FILTER, 		}, 	} 	ctx := datadog.NewDefaultContext(context.Background()) 	configuration := datadog.NewConfiguration() 	apiClient := datadog.NewAPIClient(configuration) 	api := datadogV2.NewApplicationSecurityApi(apiClient) 	resp, r, err := api.CreateApplicationSecurityWafExclusionFilter(ctx, body)  	if err != nil { 		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.CreateApplicationSecurityWafExclusionFilter`: %v\n", err) 		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) 	}  	responseContent, _ := json.MarshalIndent(resp, "", "  ") 	fmt.Fprintf(os.Stdout, "Response from `ApplicationSecurityApi.CreateApplicationSecurityWafExclusionFilter`:\n%s\n", responseContent) }

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// Create a WAF exclusion filter returns "OK" response  import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ApplicationSecurityApi; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterCreateAttributes; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterCreateData; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterCreateRequest; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterResponse; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterRulesTarget; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterRulesTargetTags; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterScope; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterType; import java.util.Collections;  public class Example {   public static void main(String[] args) {     ApiClient defaultClient = ApiClient.getDefaultApiClient();     ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);      ApplicationSecurityWafExclusionFilterCreateRequest body =         new ApplicationSecurityWafExclusionFilterCreateRequest()             .data(                 new ApplicationSecurityWafExclusionFilterCreateData()                     .attributes(                         new ApplicationSecurityWafExclusionFilterCreateAttributes()                             .description("Exclude false positives on a path")                             .enabled(true)                             .parameters(Collections.singletonList("list.search.query"))                             .pathGlob("/accounts/*")                             .rulesTarget(                                 Collections.singletonList(                                     new ApplicationSecurityWafExclusionFilterRulesTarget()                                         .tags(                                             new ApplicationSecurityWafExclusionFilterRulesTargetTags()                                                 .category("attack_attempt")                                                 .type("lfi"))))                             .scope(                                 Collections.singletonList(                                     new ApplicationSecurityWafExclusionFilterScope()                                         .env("www")                                         .service("prod"))))                     .type(ApplicationSecurityWafExclusionFilterType.EXCLUSION_FILTER));      try {       ApplicationSecurityWafExclusionFilterResponse result =           apiInstance.createApplicationSecurityWafExclusionFilter(body);       System.out.println(result);     } catch (ApiException e) {       System.err.println(           "Exception when calling"               + " ApplicationSecurityApi#createApplicationSecurityWafExclusionFilter");       System.err.println("Status code: " + e.getCode());       System.err.println("Reason: " + e.getResponseBody());       System.err.println("Response headers: " + e.getResponseHeaders());       e.printStackTrace();     }   } }

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

""" Create a WAF exclusion filter returns "OK" response """  from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi from datadog_api_client.v2.model.application_security_waf_exclusion_filter_create_attributes import (     ApplicationSecurityWafExclusionFilterCreateAttributes, ) from datadog_api_client.v2.model.application_security_waf_exclusion_filter_create_data import (     ApplicationSecurityWafExclusionFilterCreateData, ) from datadog_api_client.v2.model.application_security_waf_exclusion_filter_create_request import (     ApplicationSecurityWafExclusionFilterCreateRequest, ) from datadog_api_client.v2.model.application_security_waf_exclusion_filter_rules_target import (     ApplicationSecurityWafExclusionFilterRulesTarget, ) from datadog_api_client.v2.model.application_security_waf_exclusion_filter_rules_target_tags import (     ApplicationSecurityWafExclusionFilterRulesTargetTags, ) from datadog_api_client.v2.model.application_security_waf_exclusion_filter_scope import (     ApplicationSecurityWafExclusionFilterScope, ) from datadog_api_client.v2.model.application_security_waf_exclusion_filter_type import (     ApplicationSecurityWafExclusionFilterType, )  body = ApplicationSecurityWafExclusionFilterCreateRequest(     data=ApplicationSecurityWafExclusionFilterCreateData(         attributes=ApplicationSecurityWafExclusionFilterCreateAttributes(             description="Exclude false positives on a path",             enabled=True,             parameters=[                 "list.search.query",             ],             path_glob="/accounts/*",             rules_target=[                 ApplicationSecurityWafExclusionFilterRulesTarget(                     tags=ApplicationSecurityWafExclusionFilterRulesTargetTags(                         category="attack_attempt",                         type="lfi",                     ),                 ),             ],             scope=[                 ApplicationSecurityWafExclusionFilterScope(                     env="www",                     service="prod",                 ),             ],         ),         type=ApplicationSecurityWafExclusionFilterType.EXCLUSION_FILTER,     ), )  configuration = Configuration() with ApiClient(configuration) as api_client:     api_instance = ApplicationSecurityApi(api_client)     response = api_instance.create_application_security_waf_exclusion_filter(body=body)      print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# Create a WAF exclusion filter returns "OK" response  require "datadog_api_client" api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new  body = DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterCreateRequest.new({   data: DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterCreateData.new({     attributes: DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterCreateAttributes.new({       description: "Exclude false positives on a path",       enabled: true,       parameters: [         "list.search.query",       ],       path_glob: "/accounts/*",       rules_target: [         DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterRulesTarget.new({           tags: DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterRulesTargetTags.new({             category: "attack_attempt",             type: "lfi",           }),         }),       ],       scope: [         DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterScope.new({           env: "www",           service: "prod",         }),       ],     }),     type: DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterType::EXCLUSION_FILTER,   }), }) p api_instance.create_application_security_waf_exclusion_filter(body)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// Create a WAF exclusion filter returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterCreateAttributes; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterCreateData; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterCreateRequest; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterRulesTarget; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterRulesTargetTags; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterScope; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterType; use std::collections::BTreeMap;  #[tokio::main] async fn main() {     let body = ApplicationSecurityWafExclusionFilterCreateRequest::new(         ApplicationSecurityWafExclusionFilterCreateData::new(             ApplicationSecurityWafExclusionFilterCreateAttributes::new(                 "Exclude false positives on a path".to_string(),                 true,             )             .parameters(vec!["list.search.query".to_string()])             .path_glob("/accounts/*".to_string())             .rules_target(vec![ApplicationSecurityWafExclusionFilterRulesTarget::new(             )             .tags(                 ApplicationSecurityWafExclusionFilterRulesTargetTags::new()                     .category("attack_attempt".to_string())                     .type_("lfi".to_string())                     .additional_properties(BTreeMap::from([])),             )])             .scope(vec![ApplicationSecurityWafExclusionFilterScope::new()                 .env("www".to_string())                 .service("prod".to_string())]),             ApplicationSecurityWafExclusionFilterType::EXCLUSION_FILTER,         ),     );     let configuration = datadog::Configuration::new();     let api = ApplicationSecurityAPI::with_config(configuration);     let resp = api         .create_application_security_waf_exclusion_filter(body)         .await;     if let Ok(value) = resp {         println!("{:#?}", value);     } else {         println!("{:#?}", resp.unwrap_err());     } }

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**  * Create a WAF exclusion filter returns "OK" response  */  import { client, v2 } from "@datadog/datadog-api-client";  const configuration = client.createConfiguration(); const apiInstance = new v2.ApplicationSecurityApi(configuration);  const params: v2.ApplicationSecurityApiCreateApplicationSecurityWafExclusionFilterRequest =   {     body: {       data: {         attributes: {           description: "Exclude false positives on a path",           enabled: true,           parameters: ["list.search.query"],           pathGlob: "/accounts/*",           rulesTarget: [             {               tags: {                 category: "attack_attempt",                 type: "lfi",               },             },           ],           scope: [             {               env: "www",               service: "prod",             },           ],         },         type: "exclusion_filter",       },     },   };  apiInstance   .createApplicationSecurityWafExclusionFilter(params)   .then((data: v2.ApplicationSecurityWafExclusionFilterResponse) => {     console.log(       "API called successfully. Returned data: " + JSON.stringify(data)     );   })   .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

List all WAF exclusion filters

v2 (latest)

GET https://api.ap1.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.ap2.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.datadoghq.eu/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.ddog-gov.com/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.us3.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filtershttps://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters

Overview

Retrieve a list of WAF exclusion filters. This endpoint requires the appsec_protect_read permission.

Response

Response object for multiple WAF exclusion filters.

Expand All

Field

Type

Description

data

[object]

A list of WAF exclusion filters.

{   "data": [     {       "attributes": {         "description": "Exclude false positives on a path",         "enabled": true,         "event_query": "string",         "ip_list": [           "198.51.100.72"         ],         "metadata": {           "added_at": "2019-09-19T10:00:00.000Z",           "added_by": "string",           "added_by_name": "string",           "modified_at": "2019-09-19T10:00:00.000Z",           "modified_by": "string",           "modified_by_name": "string"         },         "on_match": "string",         "parameters": [           "list.search.query"         ],         "path_glob": "/accounts/*",         "rules_target": [           {             "rule_id": "dog-913-009",             "tags": {               "category": "attack_attempt",               "type": "lfi"             }           }         ],         "scope": [           {             "env": "www",             "service": "prod"           }         ],         "search_query": "string"       },       "id": "3dd-0uc-h1s",       "type": "exclusion_filter"     }   ] }

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Code Example

                   # Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters" \ -H "Accept: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}"
                 

""" List all WAF exclusion filters returns "OK" response """  from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi  configuration = Configuration() with ApiClient(configuration) as api_client:     api_instance = ApplicationSecurityApi(api_client)     response = api_instance.list_application_security_waf_exclusion_filters()      print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# List all WAF exclusion filters returns "OK" response  require "datadog_api_client" api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new p api_instance.list_application_security_waf_exclusion_filters()

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// List all WAF exclusion filters returns "OK" response  package main  import ( 	"context" 	"encoding/json" 	"fmt" 	"os"  	"github.com/DataDog/datadog-api-client-go/v2/api/datadog" 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" )  func main() { 	ctx := datadog.NewDefaultContext(context.Background()) 	configuration := datadog.NewConfiguration() 	apiClient := datadog.NewAPIClient(configuration) 	api := datadogV2.NewApplicationSecurityApi(apiClient) 	resp, r, err := api.ListApplicationSecurityWafExclusionFilters(ctx)  	if err != nil { 		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.ListApplicationSecurityWafExclusionFilters`: %v\n", err) 		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) 	}  	responseContent, _ := json.MarshalIndent(resp, "", "  ") 	fmt.Fprintf(os.Stdout, "Response from `ApplicationSecurityApi.ListApplicationSecurityWafExclusionFilters`:\n%s\n", responseContent) }

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// List all WAF exclusion filters returns "OK" response  import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ApplicationSecurityApi; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFiltersResponse;  public class Example {   public static void main(String[] args) {     ApiClient defaultClient = ApiClient.getDefaultApiClient();     ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);      try {       ApplicationSecurityWafExclusionFiltersResponse result =           apiInstance.listApplicationSecurityWafExclusionFilters();       System.out.println(result);     } catch (ApiException e) {       System.err.println(           "Exception when calling"               + " ApplicationSecurityApi#listApplicationSecurityWafExclusionFilters");       System.err.println("Status code: " + e.getCode());       System.err.println("Reason: " + e.getResponseBody());       System.err.println("Response headers: " + e.getResponseHeaders());       e.printStackTrace();     }   } }

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

// List all WAF exclusion filters returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI;  #[tokio::main] async fn main() {     let configuration = datadog::Configuration::new();     let api = ApplicationSecurityAPI::with_config(configuration);     let resp = api.list_application_security_waf_exclusion_filters().await;     if let Ok(value) = resp {         println!("{:#?}", value);     } else {         println!("{:#?}", resp.unwrap_err());     } }

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**  * List all WAF exclusion filters returns "OK" response  */  import { client, v2 } from "@datadog/datadog-api-client";  const configuration = client.createConfiguration(); const apiInstance = new v2.ApplicationSecurityApi(configuration);  apiInstance   .listApplicationSecurityWafExclusionFilters()   .then((data: v2.ApplicationSecurityWafExclusionFiltersResponse) => {     console.log(       "API called successfully. Returned data: " + JSON.stringify(data)     );   })   .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

Update a WAF exclusion filter

v2 (latest)

PUT https://api.ap1.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.ap2.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.datadoghq.eu/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.ddog-gov.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.us3.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}

Overview

Update a specific WAF exclusion filter using its identifier. Returns the exclusion filter object when the request is successful. This endpoint requires the appsec_protect_write permission.

Arguments

Path Parameters

Name

Type

Description

exclusion_filter_id [required]

string

The identifier of the WAF exclusion filter.

Request

Body Data (required)

The exclusion filter to update.

Expand All

Field

Type

Description

data [required]

object

Object for updating a single WAF exclusion filter.

{   "data": {     "attributes": {       "description": "Exclude false positives on a path",       "enabled": false,       "ip_list": [         "198.51.100.72"       ],       "on_match": "monitor"     },     "type": "exclusion_filter"   } }

Response

Response object for a single WAF exclusion filter.

Expand All

Field

Type

Description

data

object

A JSON:API resource for an WAF exclusion filter.

{   "data": {     "attributes": {       "description": "Exclude false positives on a path",       "enabled": true,       "event_query": "string",       "ip_list": [         "198.51.100.72"       ],       "metadata": {         "added_at": "2019-09-19T10:00:00.000Z",         "added_by": "string",         "added_by_name": "string",         "modified_at": "2019-09-19T10:00:00.000Z",         "modified_by": "string",         "modified_by_name": "string"       },       "on_match": "string",       "parameters": [         "list.search.query"       ],       "path_glob": "/accounts/*",       "rules_target": [         {           "rule_id": "dog-913-009",           "tags": {             "category": "attack_attempt",             "type": "lfi"           }         }       ],       "scope": [         {           "env": "www",           "service": "prod"         }       ],       "search_query": "string"     },     "id": "3dd-0uc-h1s",     "type": "exclusion_filter"   } }

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Concurrent Modification

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Code Example

                           # Path parameters
export exclusion_filter_id="3b5-v82-ns6"
# Curl command
curl -X PUT "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/${exclusion_filter_id}" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \ -d @- << EOF {   "data": {     "attributes": {       "description": "Exclude false positives on a path",       "enabled": false,       "ip_list": [         "198.51.100.72"       ],       "on_match": "monitor"     },     "type": "exclusion_filter"   } } EOF
                         

// Update a WAF exclusion filter returns "OK" response  package main  import ( 	"context" 	"encoding/json" 	"fmt" 	"os"  	"github.com/DataDog/datadog-api-client-go/v2/api/datadog" 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" )  func main() { 	// there is a valid "exclusion_filter" in the system 	ExclusionFilterDataID := os.Getenv("EXCLUSION_FILTER_DATA_ID")  	body := datadogV2.ApplicationSecurityWafExclusionFilterUpdateRequest{ 		Data: datadogV2.ApplicationSecurityWafExclusionFilterUpdateData{ 			Attributes: datadogV2.ApplicationSecurityWafExclusionFilterUpdateAttributes{ 				Description: "Exclude false positives on a path", 				Enabled:     false, 				IpList: []string{ 					"198.51.100.72", 				}, 				OnMatch: datadogV2.APPLICATIONSECURITYWAFEXCLUSIONFILTERONMATCH_MONITOR.Ptr(), 			}, 			Type: datadogV2.APPLICATIONSECURITYWAFEXCLUSIONFILTERTYPE_EXCLUSION_FILTER, 		}, 	} 	ctx := datadog.NewDefaultContext(context.Background()) 	configuration := datadog.NewConfiguration() 	apiClient := datadog.NewAPIClient(configuration) 	api := datadogV2.NewApplicationSecurityApi(apiClient) 	resp, r, err := api.UpdateApplicationSecurityWafExclusionFilter(ctx, ExclusionFilterDataID, body)  	if err != nil { 		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.UpdateApplicationSecurityWafExclusionFilter`: %v\n", err) 		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) 	}  	responseContent, _ := json.MarshalIndent(resp, "", "  ") 	fmt.Fprintf(os.Stdout, "Response from `ApplicationSecurityApi.UpdateApplicationSecurityWafExclusionFilter`:\n%s\n", responseContent) }

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// Update a WAF exclusion filter returns "OK" response  import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ApplicationSecurityApi; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterOnMatch; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterResponse; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterType; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterUpdateAttributes; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterUpdateData; import com.datadog.api.client.v2.model.ApplicationSecurityWafExclusionFilterUpdateRequest; import java.util.Collections;  public class Example {   public static void main(String[] args) {     ApiClient defaultClient = ApiClient.getDefaultApiClient();     ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);      // there is a valid "exclusion_filter" in the system     String EXCLUSION_FILTER_DATA_ID = System.getenv("EXCLUSION_FILTER_DATA_ID");      ApplicationSecurityWafExclusionFilterUpdateRequest body =         new ApplicationSecurityWafExclusionFilterUpdateRequest()             .data(                 new ApplicationSecurityWafExclusionFilterUpdateData()                     .attributes(                         new ApplicationSecurityWafExclusionFilterUpdateAttributes()                             .description("Exclude false positives on a path")                             .enabled(false)                             .ipList(Collections.singletonList("198.51.100.72"))                             .onMatch(ApplicationSecurityWafExclusionFilterOnMatch.MONITOR))                     .type(ApplicationSecurityWafExclusionFilterType.EXCLUSION_FILTER));      try {       ApplicationSecurityWafExclusionFilterResponse result =           apiInstance.updateApplicationSecurityWafExclusionFilter(EXCLUSION_FILTER_DATA_ID, body);       System.out.println(result);     } catch (ApiException e) {       System.err.println(           "Exception when calling"               + " ApplicationSecurityApi#updateApplicationSecurityWafExclusionFilter");       System.err.println("Status code: " + e.getCode());       System.err.println("Reason: " + e.getResponseBody());       System.err.println("Response headers: " + e.getResponseHeaders());       e.printStackTrace();     }   } }

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

""" Update a WAF exclusion filter returns "OK" response """  from os import environ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi from datadog_api_client.v2.model.application_security_waf_exclusion_filter_on_match import (     ApplicationSecurityWafExclusionFilterOnMatch, ) from datadog_api_client.v2.model.application_security_waf_exclusion_filter_type import (     ApplicationSecurityWafExclusionFilterType, ) from datadog_api_client.v2.model.application_security_waf_exclusion_filter_update_attributes import (     ApplicationSecurityWafExclusionFilterUpdateAttributes, ) from datadog_api_client.v2.model.application_security_waf_exclusion_filter_update_data import (     ApplicationSecurityWafExclusionFilterUpdateData, ) from datadog_api_client.v2.model.application_security_waf_exclusion_filter_update_request import (     ApplicationSecurityWafExclusionFilterUpdateRequest, )  # there is a valid "exclusion_filter" in the system EXCLUSION_FILTER_DATA_ID = environ["EXCLUSION_FILTER_DATA_ID"]  body = ApplicationSecurityWafExclusionFilterUpdateRequest(     data=ApplicationSecurityWafExclusionFilterUpdateData(         attributes=ApplicationSecurityWafExclusionFilterUpdateAttributes(             description="Exclude false positives on a path",             enabled=False,             ip_list=[                 "198.51.100.72",             ],             on_match=ApplicationSecurityWafExclusionFilterOnMatch.MONITOR,         ),         type=ApplicationSecurityWafExclusionFilterType.EXCLUSION_FILTER,     ), )  configuration = Configuration() with ApiClient(configuration) as api_client:     api_instance = ApplicationSecurityApi(api_client)     response = api_instance.update_application_security_waf_exclusion_filter(         exclusion_filter_id=EXCLUSION_FILTER_DATA_ID, body=body     )      print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# Update a WAF exclusion filter returns "OK" response  require "datadog_api_client" api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new  # there is a valid "exclusion_filter" in the system EXCLUSION_FILTER_DATA_ID = ENV["EXCLUSION_FILTER_DATA_ID"]  body = DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterUpdateRequest.new({   data: DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterUpdateData.new({     attributes: DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterUpdateAttributes.new({       description: "Exclude false positives on a path",       enabled: false,       ip_list: [         "198.51.100.72",       ],       on_match: DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterOnMatch::MONITOR,     }),     type: DatadogAPIClient::V2::ApplicationSecurityWafExclusionFilterType::EXCLUSION_FILTER,   }), }) p api_instance.update_application_security_waf_exclusion_filter(EXCLUSION_FILTER_DATA_ID, body)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// Update a WAF exclusion filter returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterOnMatch; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterType; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterUpdateAttributes; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterUpdateData; use datadog_api_client::datadogV2::model::ApplicationSecurityWafExclusionFilterUpdateRequest;  #[tokio::main] async fn main() {     // there is a valid "exclusion_filter" in the system     let exclusion_filter_data_id = std::env::var("EXCLUSION_FILTER_DATA_ID").unwrap();     let body = ApplicationSecurityWafExclusionFilterUpdateRequest::new(         ApplicationSecurityWafExclusionFilterUpdateData::new(             ApplicationSecurityWafExclusionFilterUpdateAttributes::new(                 "Exclude false positives on a path".to_string(),                 false,             )             .ip_list(vec!["198.51.100.72".to_string()])             .on_match(ApplicationSecurityWafExclusionFilterOnMatch::MONITOR),             ApplicationSecurityWafExclusionFilterType::EXCLUSION_FILTER,         ),     );     let configuration = datadog::Configuration::new();     let api = ApplicationSecurityAPI::with_config(configuration);     let resp = api         .update_application_security_waf_exclusion_filter(exclusion_filter_data_id.clone(), body)         .await;     if let Ok(value) = resp {         println!("{:#?}", value);     } else {         println!("{:#?}", resp.unwrap_err());     } }

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**  * Update a WAF exclusion filter returns "OK" response  */  import { client, v2 } from "@datadog/datadog-api-client";  const configuration = client.createConfiguration(); const apiInstance = new v2.ApplicationSecurityApi(configuration);  // there is a valid "exclusion_filter" in the system const EXCLUSION_FILTER_DATA_ID = process.env.EXCLUSION_FILTER_DATA_ID as string;  const params: v2.ApplicationSecurityApiUpdateApplicationSecurityWafExclusionFilterRequest =   {     body: {       data: {         attributes: {           description: "Exclude false positives on a path",           enabled: false,           ipList: ["198.51.100.72"],           onMatch: "monitor",         },         type: "exclusion_filter",       },     },     exclusionFilterId: EXCLUSION_FILTER_DATA_ID,   };  apiInstance   .updateApplicationSecurityWafExclusionFilter(params)   .then((data: v2.ApplicationSecurityWafExclusionFilterResponse) => {     console.log(       "API called successfully. Returned data: " + JSON.stringify(data)     );   })   .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

Delete a WAF exclusion filter

v2 (latest)

DELETE https://api.ap1.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.ap2.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.datadoghq.eu/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.ddog-gov.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.us3.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}

Overview

Delete a specific WAF exclusion filter using its identifier. This endpoint requires the appsec_protect_write permission.

Arguments

Path Parameters

Name

Type

Description

exclusion_filter_id [required]

string

The identifier of the WAF exclusion filter.

Response

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Concurrent Modification

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Code Example

                   # Path parameters
export exclusion_filter_id="3b5-v82-ns6"
# Curl command
curl -X DELETE "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/exclusion_filters/${exclusion_filter_id}" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}"
                 

""" Delete a WAF exclusion filter returns "OK" response """  from os import environ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi  # there is a valid "exclusion_filter" in the system EXCLUSION_FILTER_DATA_ID = environ["EXCLUSION_FILTER_DATA_ID"]  configuration = Configuration() with ApiClient(configuration) as api_client:     api_instance = ApplicationSecurityApi(api_client)     api_instance.delete_application_security_waf_exclusion_filter(         exclusion_filter_id=EXCLUSION_FILTER_DATA_ID,     )

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# Delete a WAF exclusion filter returns "OK" response  require "datadog_api_client" api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new  # there is a valid "exclusion_filter" in the system EXCLUSION_FILTER_DATA_ID = ENV["EXCLUSION_FILTER_DATA_ID"] api_instance.delete_application_security_waf_exclusion_filter(EXCLUSION_FILTER_DATA_ID)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// Delete a WAF exclusion filter returns "OK" response  package main  import ( 	"context" 	"fmt" 	"os"  	"github.com/DataDog/datadog-api-client-go/v2/api/datadog" 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" )  func main() { 	// there is a valid "exclusion_filter" in the system 	ExclusionFilterDataID := os.Getenv("EXCLUSION_FILTER_DATA_ID")  	ctx := datadog.NewDefaultContext(context.Background()) 	configuration := datadog.NewConfiguration() 	apiClient := datadog.NewAPIClient(configuration) 	api := datadogV2.NewApplicationSecurityApi(apiClient) 	r, err := api.DeleteApplicationSecurityWafExclusionFilter(ctx, ExclusionFilterDataID)  	if err != nil { 		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.DeleteApplicationSecurityWafExclusionFilter`: %v\n", err) 		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) 	} }

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// Delete a WAF exclusion filter returns "OK" response  import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ApplicationSecurityApi;  public class Example {   public static void main(String[] args) {     ApiClient defaultClient = ApiClient.getDefaultApiClient();     ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);      // there is a valid "exclusion_filter" in the system     String EXCLUSION_FILTER_DATA_ID = System.getenv("EXCLUSION_FILTER_DATA_ID");      try {       apiInstance.deleteApplicationSecurityWafExclusionFilter(EXCLUSION_FILTER_DATA_ID);     } catch (ApiException e) {       System.err.println(           "Exception when calling"               + " ApplicationSecurityApi#deleteApplicationSecurityWafExclusionFilter");       System.err.println("Status code: " + e.getCode());       System.err.println("Reason: " + e.getResponseBody());       System.err.println("Response headers: " + e.getResponseHeaders());       e.printStackTrace();     }   } }

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

// Delete a WAF exclusion filter returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI;  #[tokio::main] async fn main() {     // there is a valid "exclusion_filter" in the system     let exclusion_filter_data_id = std::env::var("EXCLUSION_FILTER_DATA_ID").unwrap();     let configuration = datadog::Configuration::new();     let api = ApplicationSecurityAPI::with_config(configuration);     let resp = api         .delete_application_security_waf_exclusion_filter(exclusion_filter_data_id.clone())         .await;     if let Ok(value) = resp {         println!("{:#?}", value);     } else {         println!("{:#?}", resp.unwrap_err());     } }

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**  * Delete a WAF exclusion filter returns "OK" response  */  import { client, v2 } from "@datadog/datadog-api-client";  const configuration = client.createConfiguration(); const apiInstance = new v2.ApplicationSecurityApi(configuration);  // there is a valid "exclusion_filter" in the system const EXCLUSION_FILTER_DATA_ID = process.env.EXCLUSION_FILTER_DATA_ID as string;  const params: v2.ApplicationSecurityApiDeleteApplicationSecurityWafExclusionFilterRequest =   {     exclusionFilterId: EXCLUSION_FILTER_DATA_ID,   };  apiInstance   .deleteApplicationSecurityWafExclusionFilter(params)   .then((data: any) => {     console.log(       "API called successfully. Returned data: " + JSON.stringify(data)     );   })   .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

Get a WAF custom rule

v2 (latest)

GET https://api.ap1.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.ap2.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.datadoghq.eu/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.ddog-gov.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.us3.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}

Overview

Retrieve a WAF custom rule by ID.

Arguments

Path Parameters

Name

Type

Description

custom_rule_id [required]

string

The ID of the custom rule.

Response

Response object that includes a single WAF custom rule.

Expand All

Field

Type

Description

data

object

Object for a single WAF custom rule.

attributes

object

A WAF custom rule.

{   "data": {     "attributes": {       "action": {         "action": "block_request",         "parameters": {           "location": "/blocking",           "status_code": 403         }       },       "blocking": false,       "conditions": [         {           "operator": "match_regex",           "parameters": {             "data": "blocked_users",             "inputs": [               {                 "address": "server.db.statement",                 "key_path": []               }             ],             "list": [],             "options": {               "case_sensitive": false,               "min_length": "integer"             },             "regex": "path.*",             "value": "custom_tag"           }         }       ],       "enabled": false,       "metadata": {         "added_at": "2021-01-01T00:00:00Z",         "added_by": "[email protected]",         "added_by_name": "John Doe",         "modified_at": "2021-01-01T00:00:00Z",         "modified_by": "[email protected]",         "modified_by_name": "John Doe"       },       "name": "Block request from bad useragent",       "path_glob": "/api/search/*",       "scope": [         {           "env": "prod",           "service": "billing-service"         }       ],       "tags": {         "category": "business_logic",         "type": "users.login.success"       }     },     "id": "2857c47d-1e3a-4300-8b2f-dc24089c084b",     "type": "custom_rule"   } }

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Code Example

                   # Path parameters
export custom_rule_id="3b5-v82-ns6"
# Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/${custom_rule_id}" \ -H "Accept: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}"
                 

""" Get a WAF custom rule returns "OK" response """  from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi  configuration = Configuration() with ApiClient(configuration) as api_client:     api_instance = ApplicationSecurityApi(api_client)     response = api_instance.get_application_security_waf_custom_rule(         custom_rule_id="custom_rule_id",     )      print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# Get a WAF custom rule returns "OK" response  require "datadog_api_client" api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new p api_instance.get_application_security_waf_custom_rule("custom_rule_id")

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// Get a WAF custom rule returns "OK" response  package main  import ( 	"context" 	"encoding/json" 	"fmt" 	"os"  	"github.com/DataDog/datadog-api-client-go/v2/api/datadog" 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" )  func main() { 	ctx := datadog.NewDefaultContext(context.Background()) 	configuration := datadog.NewConfiguration() 	apiClient := datadog.NewAPIClient(configuration) 	api := datadogV2.NewApplicationSecurityApi(apiClient) 	resp, r, err := api.GetApplicationSecurityWafCustomRule(ctx, "custom_rule_id")  	if err != nil { 		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.GetApplicationSecurityWafCustomRule`: %v\n", err) 		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) 	}  	responseContent, _ := json.MarshalIndent(resp, "", "  ") 	fmt.Fprintf(os.Stdout, "Response from `ApplicationSecurityApi.GetApplicationSecurityWafCustomRule`:\n%s\n", responseContent) }

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// Get a WAF custom rule returns "OK" response  import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ApplicationSecurityApi; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleResponse;  public class Example {   public static void main(String[] args) {     ApiClient defaultClient = ApiClient.getDefaultApiClient();     ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);      try {       ApplicationSecurityWafCustomRuleResponse result =           apiInstance.getApplicationSecurityWafCustomRule("custom_rule_id");       System.out.println(result);     } catch (ApiException e) {       System.err.println(           "Exception when calling ApplicationSecurityApi#getApplicationSecurityWafCustomRule");       System.err.println("Status code: " + e.getCode());       System.err.println("Reason: " + e.getResponseBody());       System.err.println("Response headers: " + e.getResponseHeaders());       e.printStackTrace();     }   } }

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

// Get a WAF custom rule returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI;  #[tokio::main] async fn main() {     let configuration = datadog::Configuration::new();     let api = ApplicationSecurityAPI::with_config(configuration);     let resp = api         .get_application_security_waf_custom_rule("custom_rule_id".to_string())         .await;     if let Ok(value) = resp {         println!("{:#?}", value);     } else {         println!("{:#?}", resp.unwrap_err());     } }

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**  * Get a WAF custom rule returns "OK" response  */  import { client, v2 } from "@datadog/datadog-api-client";  const configuration = client.createConfiguration(); const apiInstance = new v2.ApplicationSecurityApi(configuration);  const params: v2.ApplicationSecurityApiGetApplicationSecurityWafCustomRuleRequest =   {     customRuleId: "custom_rule_id",   };  apiInstance   .getApplicationSecurityWafCustomRule(params)   .then((data: v2.ApplicationSecurityWafCustomRuleResponse) => {     console.log(       "API called successfully. Returned data: " + JSON.stringify(data)     );   })   .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

Create a WAF custom rule

v2 (latest)

POST https://api.ap1.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.ap2.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.datadoghq.eu/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.ddog-gov.com/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.us3.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules

Overview

Create a new WAF custom rule with the given parameters.

Request

Body Data (required)

The definition of the new WAF Custom Rule.

Expand All

Field

Type

Description

data [required]

object

Object for a single WAF custom rule.

attributes [required]

object

Create a new WAF custom rule.

{   "data": {     "attributes": {       "action": {         "action": "block_request",         "parameters": {           "location": "/blocking",           "status_code": 403         }       },       "blocking": false,       "conditions": [         {           "operator": "match_regex",           "parameters": {             "data": "blocked_users",             "inputs": [               {                 "address": "server.db.statement",                 "key_path": []               }             ],             "list": [],             "options": {               "case_sensitive": false,               "min_length": "integer"             },             "regex": "path.*",             "value": "custom_tag"           }         }       ],       "enabled": false,       "name": "Block request from a bad useragent",       "path_glob": "/api/search/*",       "scope": [         {           "env": "prod",           "service": "billing-service"         }       ],       "tags": {         "category": "business_logic",         "type": "users.login.success"       }     },     "type": "custom_rule"   } }

Response

Created

Response object that includes a single WAF custom rule.

Expand All

Field

Type

Description

data

object

Object for a single WAF custom rule.

attributes

object

A WAF custom rule.

{   "data": {     "attributes": {       "action": {         "action": "block_request",         "parameters": {           "location": "/blocking",           "status_code": 403         }       },       "blocking": false,       "conditions": [         {           "operator": "match_regex",           "parameters": {             "data": "blocked_users",             "inputs": [               {                 "address": "server.db.statement",                 "key_path": []               }             ],             "list": [],             "options": {               "case_sensitive": false,               "min_length": "integer"             },             "regex": "path.*",             "value": "custom_tag"           }         }       ],       "enabled": false,       "metadata": {         "added_at": "2021-01-01T00:00:00Z",         "added_by": "[email protected]",         "added_by_name": "John Doe",         "modified_at": "2021-01-01T00:00:00Z",         "modified_by": "[email protected]",         "modified_by_name": "John Doe"       },       "name": "Block request from bad useragent",       "path_glob": "/api/search/*",       "scope": [         {           "env": "prod",           "service": "billing-service"         }       ],       "tags": {         "category": "business_logic",         "type": "users.login.success"       }     },     "id": "2857c47d-1e3a-4300-8b2f-dc24089c084b",     "type": "custom_rule"   } }

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Concurrent Modification

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Code Example

                   # Curl command
curl -X POST "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \ -d @- << EOF {   "data": {     "attributes": {       "blocking": false,       "conditions": [         {           "operator": "match_regex",           "parameters": {             "inputs": [               {                 "address": "server.db.statement"               }             ]           }         }       ],       "enabled": false,       "name": "Block request from a bad useragent",       "scope": [         {           "env": "prod",           "service": "billing-service"         }       ],       "tags": {         "category": "business_logic",         "type": "users.login.success"       }     },     "type": "custom_rule"   } } EOF
                 

""" Create a WAF custom rule returns "Created" response """  from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi from datadog_api_client.v2.model.application_security_waf_custom_rule_action import (     ApplicationSecurityWafCustomRuleAction, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_action_action import (     ApplicationSecurityWafCustomRuleActionAction, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_action_parameters import (     ApplicationSecurityWafCustomRuleActionParameters, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_condition import (     ApplicationSecurityWafCustomRuleCondition, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_input import (     ApplicationSecurityWafCustomRuleConditionInput, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_input_address import (     ApplicationSecurityWafCustomRuleConditionInputAddress, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_operator import (     ApplicationSecurityWafCustomRuleConditionOperator, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_options import (     ApplicationSecurityWafCustomRuleConditionOptions, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_parameters import (     ApplicationSecurityWafCustomRuleConditionParameters, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_create_attributes import (     ApplicationSecurityWafCustomRuleCreateAttributes, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_create_data import (     ApplicationSecurityWafCustomRuleCreateData, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_create_request import (     ApplicationSecurityWafCustomRuleCreateRequest, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_scope import ApplicationSecurityWafCustomRuleScope from datadog_api_client.v2.model.application_security_waf_custom_rule_tags import ApplicationSecurityWafCustomRuleTags from datadog_api_client.v2.model.application_security_waf_custom_rule_tags_category import (     ApplicationSecurityWafCustomRuleTagsCategory, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_type import ApplicationSecurityWafCustomRuleType  body = ApplicationSecurityWafCustomRuleCreateRequest(     data=ApplicationSecurityWafCustomRuleCreateData(         attributes=ApplicationSecurityWafCustomRuleCreateAttributes(             action=ApplicationSecurityWafCustomRuleAction(                 action=ApplicationSecurityWafCustomRuleActionAction.BLOCK_REQUEST,                 parameters=ApplicationSecurityWafCustomRuleActionParameters(                     location="/blocking",                     status_code=403,                 ),             ),             blocking=False,             conditions=[                 ApplicationSecurityWafCustomRuleCondition(                     operator=ApplicationSecurityWafCustomRuleConditionOperator.MATCH_REGEX,                     parameters=ApplicationSecurityWafCustomRuleConditionParameters(                         data="blocked_users",                         inputs=[                             ApplicationSecurityWafCustomRuleConditionInput(                                 address=ApplicationSecurityWafCustomRuleConditionInputAddress.SERVER_DB_STATEMENT,                                 key_path=[],                             ),                         ],                         list=[],                         options=ApplicationSecurityWafCustomRuleConditionOptions(                             case_sensitive=False,                             min_length=0,                         ),                         regex="path.*",                         value="custom_tag",                     ),                 ),             ],             enabled=False,             name="Block request from a bad useragent",             path_glob="/api/search/*",             scope=[                 ApplicationSecurityWafCustomRuleScope(                     env="prod",                     service="billing-service",                 ),             ],             tags=ApplicationSecurityWafCustomRuleTags(                 category=ApplicationSecurityWafCustomRuleTagsCategory.BUSINESS_LOGIC,                 type="users.login.success",             ),         ),         type=ApplicationSecurityWafCustomRuleType.CUSTOM_RULE,     ), )  configuration = Configuration() with ApiClient(configuration) as api_client:     api_instance = ApplicationSecurityApi(api_client)     response = api_instance.create_application_security_waf_custom_rule(body=body)      print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# Create a WAF custom rule returns "Created" response  require "datadog_api_client" api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new  body = DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleCreateRequest.new({   data: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleCreateData.new({     attributes: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleCreateAttributes.new({       action: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleAction.new({         action: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleActionAction::BLOCK_REQUEST,         parameters: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleActionParameters.new({           location: "/blocking",           status_code: 403,         }),       }),       blocking: false,       conditions: [         DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleCondition.new({           operator: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleConditionOperator::MATCH_REGEX,           parameters: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleConditionParameters.new({             data: "blocked_users",             inputs: [               DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleConditionInput.new({                 address: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleConditionInputAddress::SERVER_DB_STATEMENT,                 key_path: [],               }),             ],             list: [],             options: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleConditionOptions.new({               case_sensitive: false,               min_length: 0,             }),             regex: "path.*",             value: "custom_tag",           }),         }),       ],       enabled: false,       name: "Block request from a bad useragent",       path_glob: "/api/search/*",       scope: [         DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleScope.new({           env: "prod",           service: "billing-service",         }),       ],       tags: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleTags.new({         category: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleTagsCategory::BUSINESS_LOGIC,         type: "users.login.success",       }),     }),     type: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleType::CUSTOM_RULE,   }), }) p api_instance.create_application_security_waf_custom_rule(body)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// Create a WAF custom rule returns "Created" response  package main  import ( 	"context" 	"encoding/json" 	"fmt" 	"os"  	"github.com/DataDog/datadog-api-client-go/v2/api/datadog" 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" )  func main() { 	body := datadogV2.ApplicationSecurityWafCustomRuleCreateRequest{ 		Data: datadogV2.ApplicationSecurityWafCustomRuleCreateData{ 			Attributes: datadogV2.ApplicationSecurityWafCustomRuleCreateAttributes{ 				Action: &datadogV2.ApplicationSecurityWafCustomRuleAction{ 					Action: datadogV2.APPLICATIONSECURITYWAFCUSTOMRULEACTIONACTION_BLOCK_REQUEST.Ptr(), 					Parameters: &datadogV2.ApplicationSecurityWafCustomRuleActionParameters{ 						Location:   datadog.PtrString("/blocking"), 						StatusCode: datadog.PtrInt64(403), 					}, 				}, 				Blocking: false, 				Conditions: []datadogV2.ApplicationSecurityWafCustomRuleCondition{ 					{ 						Operator: datadogV2.APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_MATCH_REGEX, 						Parameters: datadogV2.ApplicationSecurityWafCustomRuleConditionParameters{ 							Data: datadog.PtrString("blocked_users"), 							Inputs: []datadogV2.ApplicationSecurityWafCustomRuleConditionInput{ 								{ 									Address: datadogV2.APPLICATIONSECURITYWAFCUSTOMRULECONDITIONINPUTADDRESS_SERVER_DB_STATEMENT, 									KeyPath: []string{}, 								}, 							}, 							List: []string{}, 							Options: &datadogV2.ApplicationSecurityWafCustomRuleConditionOptions{ 								CaseSensitive: datadog.PtrBool(false), 								MinLength:     datadog.PtrInt64(0), 							}, 							Regex: datadog.PtrString("path.*"), 							Value: datadog.PtrString("custom_tag"), 						}, 					}, 				}, 				Enabled:  false, 				Name:     "Block request from a bad useragent", 				PathGlob: datadog.PtrString("/api/search/*"), 				Scope: []datadogV2.ApplicationSecurityWafCustomRuleScope{ 					{ 						Env:     "prod", 						Service: "billing-service", 					}, 				}, 				Tags: datadogV2.ApplicationSecurityWafCustomRuleTags{ 					Category: datadogV2.APPLICATIONSECURITYWAFCUSTOMRULETAGSCATEGORY_BUSINESS_LOGIC, 					Type:     "users.login.success", 				}, 			}, 			Type: datadogV2.APPLICATIONSECURITYWAFCUSTOMRULETYPE_CUSTOM_RULE, 		}, 	} 	ctx := datadog.NewDefaultContext(context.Background()) 	configuration := datadog.NewConfiguration() 	apiClient := datadog.NewAPIClient(configuration) 	api := datadogV2.NewApplicationSecurityApi(apiClient) 	resp, r, err := api.CreateApplicationSecurityWafCustomRule(ctx, body)  	if err != nil { 		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.CreateApplicationSecurityWafCustomRule`: %v\n", err) 		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) 	}  	responseContent, _ := json.MarshalIndent(resp, "", "  ") 	fmt.Fprintf(os.Stdout, "Response from `ApplicationSecurityApi.CreateApplicationSecurityWafCustomRule`:\n%s\n", responseContent) }

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// Create a WAF custom rule returns "Created" response  import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ApplicationSecurityApi; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleAction; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleActionAction; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleActionParameters; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleCondition; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleConditionInput; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleConditionInputAddress; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleConditionOperator; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleConditionOptions; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleConditionParameters; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleCreateAttributes; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleCreateData; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleCreateRequest; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleResponse; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleScope; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleTags; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleTagsCategory; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleType; import java.util.Collections;  public class Example {   public static void main(String[] args) {     ApiClient defaultClient = ApiClient.getDefaultApiClient();     ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);      ApplicationSecurityWafCustomRuleCreateRequest body =         new ApplicationSecurityWafCustomRuleCreateRequest()             .data(                 new ApplicationSecurityWafCustomRuleCreateData()                     .attributes(                         new ApplicationSecurityWafCustomRuleCreateAttributes()                             .action(                                 new ApplicationSecurityWafCustomRuleAction()                                     .action(                                         ApplicationSecurityWafCustomRuleActionAction.BLOCK_REQUEST)                                     .parameters(                                         new ApplicationSecurityWafCustomRuleActionParameters()                                             .location("/blocking")                                             .statusCode(403L)))                             .blocking(false)                             .conditions(                                 Collections.singletonList(                                     new ApplicationSecurityWafCustomRuleCondition()                                         .operator(                                             ApplicationSecurityWafCustomRuleConditionOperator                                                 .MATCH_REGEX)                                         .parameters(                                             new ApplicationSecurityWafCustomRuleConditionParameters()                                                 .data("blocked_users")                                                 .inputs(                                                     Collections.singletonList(                                                         new ApplicationSecurityWafCustomRuleConditionInput()                                                             .address(                                                                 ApplicationSecurityWafCustomRuleConditionInputAddress                                                                     .SERVER_DB_STATEMENT)))                                                 .options(                                                     new ApplicationSecurityWafCustomRuleConditionOptions()                                                         .caseSensitive(false)                                                         .minLength(0L))                                                 .regex("path.*")                                                 .value("custom_tag"))))                             .enabled(false)                             .name("Block request from a bad useragent")                             .pathGlob("/api/search/*")                             .scope(                                 Collections.singletonList(                                     new ApplicationSecurityWafCustomRuleScope()                                         .env("prod")                                         .service("billing-service")))                             .tags(                                 new ApplicationSecurityWafCustomRuleTags()                                     .category(                                         ApplicationSecurityWafCustomRuleTagsCategory.BUSINESS_LOGIC)                                     .type("users.login.success")))                     .type(ApplicationSecurityWafCustomRuleType.CUSTOM_RULE));      try {       ApplicationSecurityWafCustomRuleResponse result =           apiInstance.createApplicationSecurityWafCustomRule(body);       System.out.println(result);     } catch (ApiException e) {       System.err.println(           "Exception when calling ApplicationSecurityApi#createApplicationSecurityWafCustomRule");       System.err.println("Status code: " + e.getCode());       System.err.println("Reason: " + e.getResponseBody());       System.err.println("Response headers: " + e.getResponseHeaders());       e.printStackTrace();     }   } }

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

// Create a WAF custom rule returns "Created" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleAction; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleActionAction; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleActionParameters; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleCondition; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleConditionInput; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleConditionInputAddress; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleConditionOperator; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleConditionOptions; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleConditionParameters; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleCreateAttributes; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleCreateData; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleCreateRequest; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleScope; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleTags; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleTagsCategory; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleType; use std::collections::BTreeMap;  #[tokio::main] async fn main() {     let body =         ApplicationSecurityWafCustomRuleCreateRequest::new(             ApplicationSecurityWafCustomRuleCreateData::new(                 ApplicationSecurityWafCustomRuleCreateAttributes::new(                     false,                     vec![                         ApplicationSecurityWafCustomRuleCondition::new(                             ApplicationSecurityWafCustomRuleConditionOperator::MATCH_REGEX,                             ApplicationSecurityWafCustomRuleConditionParameters::new(                                 vec![                                     ApplicationSecurityWafCustomRuleConditionInput::new(                                         ApplicationSecurityWafCustomRuleConditionInputAddress::SERVER_DB_STATEMENT,                                     ).key_path(vec![])                                 ],                             )                                 .data("blocked_users".to_string())                                 .list(vec![])                                 .options(                                     ApplicationSecurityWafCustomRuleConditionOptions::new()                                         .case_sensitive(false)                                         .min_length(0),                                 )                                 .regex("path.*".to_string())                                 .value("custom_tag".to_string()),                         )                     ],                     false,                     "Block request from a bad useragent".to_string(),                     ApplicationSecurityWafCustomRuleTags::new(                         ApplicationSecurityWafCustomRuleTagsCategory::BUSINESS_LOGIC,                         "users.login.success".to_string(),                     ).additional_properties(BTreeMap::from([])),                 )                     .action(                         ApplicationSecurityWafCustomRuleAction::new()                             .action(ApplicationSecurityWafCustomRuleActionAction::BLOCK_REQUEST)                             .parameters(                                 ApplicationSecurityWafCustomRuleActionParameters::new()                                     .location("/blocking".to_string())                                     .status_code(403),                             ),                     )                     .path_glob("/api/search/*".to_string())                     .scope(                         vec![                             ApplicationSecurityWafCustomRuleScope::new(                                 "prod".to_string(),                                 "billing-service".to_string(),                             )                         ],                     ),                 ApplicationSecurityWafCustomRuleType::CUSTOM_RULE,             ),         );     let configuration = datadog::Configuration::new();     let api = ApplicationSecurityAPI::with_config(configuration);     let resp = api.create_application_security_waf_custom_rule(body).await;     if let Ok(value) = resp {         println!("{:#?}", value);     } else {         println!("{:#?}", resp.unwrap_err());     } }

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**  * Create a WAF custom rule returns "Created" response  */  import { client, v2 } from "@datadog/datadog-api-client";  const configuration = client.createConfiguration(); const apiInstance = new v2.ApplicationSecurityApi(configuration);  const params: v2.ApplicationSecurityApiCreateApplicationSecurityWafCustomRuleRequest =   {     body: {       data: {         attributes: {           action: {             action: "block_request",             parameters: {               location: "/blocking",               statusCode: 403,             },           },           blocking: false,           conditions: [             {               operator: "match_regex",               parameters: {                 data: "blocked_users",                 inputs: [                   {                     address: "server.db.statement",                     keyPath: [],                   },                 ],                 list: [],                 options: {                   caseSensitive: false,                   minLength: 0,                 },                 regex: "path.*",                 value: "custom_tag",               },             },           ],           enabled: false,           name: "Block request from a bad useragent",           pathGlob: "/api/search/*",           scope: [             {               env: "prod",               service: "billing-service",             },           ],           tags: {             category: "business_logic",             type: "users.login.success",           },         },         type: "custom_rule",       },     },   };  apiInstance   .createApplicationSecurityWafCustomRule(params)   .then((data: v2.ApplicationSecurityWafCustomRuleResponse) => {     console.log(       "API called successfully. Returned data: " + JSON.stringify(data)     );   })   .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

List all WAF custom rules

v2 (latest)

GET https://api.ap1.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.ap2.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.datadoghq.eu/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.ddog-gov.com/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.us3.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_ruleshttps://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules

Overview

Retrieve a list of WAF custom rule.

Response

Response object that includes a list of WAF custom rules.

Expand All

Field

Type

Description

data

[object]

The WAF custom rule data.

attributes

object

A WAF custom rule.

{   "data": [     {       "attributes": {         "action": {           "action": "block_request",           "parameters": {             "location": "/blocking",             "status_code": 403           }         },         "blocking": false,         "conditions": [           {             "operator": "match_regex",             "parameters": {               "data": "blocked_users",               "inputs": [                 {                   "address": "server.db.statement",                   "key_path": []                 }               ],               "list": [],               "options": {                 "case_sensitive": false,                 "min_length": "integer"               },               "regex": "path.*",               "value": "custom_tag"             }           }         ],         "enabled": false,         "metadata": {           "added_at": "2021-01-01T00:00:00Z",           "added_by": "[email protected]",           "added_by_name": "John Doe",           "modified_at": "2021-01-01T00:00:00Z",           "modified_by": "[email protected]",           "modified_by_name": "John Doe"         },         "name": "Block request from bad useragent",         "path_glob": "/api/search/*",         "scope": [           {             "env": "prod",             "service": "billing-service"           }         ],         "tags": {           "category": "business_logic",           "type": "users.login.success"         }       },       "id": "2857c47d-1e3a-4300-8b2f-dc24089c084b",       "type": "custom_rule"     }   ] }

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Code Example

                   # Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules" \ -H "Accept: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}"
                 

""" List all WAF custom rules returns "OK" response """  from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi  configuration = Configuration() with ApiClient(configuration) as api_client:     api_instance = ApplicationSecurityApi(api_client)     response = api_instance.list_application_security_waf_custom_rules()      print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# List all WAF custom rules returns "OK" response  require "datadog_api_client" api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new p api_instance.list_application_security_waf_custom_rules()

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// List all WAF custom rules returns "OK" response  package main  import ( 	"context" 	"encoding/json" 	"fmt" 	"os"  	"github.com/DataDog/datadog-api-client-go/v2/api/datadog" 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" )  func main() { 	ctx := datadog.NewDefaultContext(context.Background()) 	configuration := datadog.NewConfiguration() 	apiClient := datadog.NewAPIClient(configuration) 	api := datadogV2.NewApplicationSecurityApi(apiClient) 	resp, r, err := api.ListApplicationSecurityWAFCustomRules(ctx)  	if err != nil { 		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.ListApplicationSecurityWAFCustomRules`: %v\n", err) 		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) 	}  	responseContent, _ := json.MarshalIndent(resp, "", "  ") 	fmt.Fprintf(os.Stdout, "Response from `ApplicationSecurityApi.ListApplicationSecurityWAFCustomRules`:\n%s\n", responseContent) }

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// List all WAF custom rules returns "OK" response  import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ApplicationSecurityApi; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleListResponse;  public class Example {   public static void main(String[] args) {     ApiClient defaultClient = ApiClient.getDefaultApiClient();     ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);      try {       ApplicationSecurityWafCustomRuleListResponse result =           apiInstance.listApplicationSecurityWAFCustomRules();       System.out.println(result);     } catch (ApiException e) {       System.err.println(           "Exception when calling ApplicationSecurityApi#listApplicationSecurityWAFCustomRules");       System.err.println("Status code: " + e.getCode());       System.err.println("Reason: " + e.getResponseBody());       System.err.println("Response headers: " + e.getResponseHeaders());       e.printStackTrace();     }   } }

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

// List all WAF custom rules returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI;  #[tokio::main] async fn main() {     let configuration = datadog::Configuration::new();     let api = ApplicationSecurityAPI::with_config(configuration);     let resp = api.list_application_security_waf_custom_rules().await;     if let Ok(value) = resp {         println!("{:#?}", value);     } else {         println!("{:#?}", resp.unwrap_err());     } }

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**  * List all WAF custom rules returns "OK" response  */  import { client, v2 } from "@datadog/datadog-api-client";  const configuration = client.createConfiguration(); const apiInstance = new v2.ApplicationSecurityApi(configuration);  apiInstance   .listApplicationSecurityWAFCustomRules()   .then((data: v2.ApplicationSecurityWafCustomRuleListResponse) => {     console.log(       "API called successfully. Returned data: " + JSON.stringify(data)     );   })   .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

Update a WAF Custom Rule

v2 (latest)

PUT https://api.ap1.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.ap2.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.datadoghq.eu/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.ddog-gov.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.us3.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}

Overview

Update a specific WAF custom Rule. Returns the Custom Rule object when the request is successful.

Arguments

Path Parameters

Name

Type

Description

custom_rule_id [required]

string

The ID of the custom rule.

Request

Body Data (required)

New definition of the WAF Custom Rule.

Expand All

Field

Type

Description

data [required]

object

Object for a single WAF Custom Rule.

attributes [required]

object

Update a WAF custom rule.

{   "data": {     "type": "custom_rule",     "attributes": {       "blocking": false,       "conditions": [         {           "operator": "match_regex",           "parameters": {             "inputs": [               {                 "address": "server.request.query",                 "key_path": [                   "id"                 ]               }             ],             "regex": "badactor"           }         }       ],       "enabled": false,       "name": "test",       "path_glob": "/test",       "scope": [         {           "env": "test",           "service": "test"         }       ],       "tags": {         "category": "attack_attempt",         "type": "test"       }     }   } }

Response

Response object that includes a single WAF custom rule.

Expand All

Field

Type

Description

data

object

Object for a single WAF custom rule.

attributes

object

A WAF custom rule.

{   "data": {     "attributes": {       "action": {         "action": "block_request",         "parameters": {           "location": "/blocking",           "status_code": 403         }       },       "blocking": false,       "conditions": [         {           "operator": "match_regex",           "parameters": {             "data": "blocked_users",             "inputs": [               {                 "address": "server.db.statement",                 "key_path": []               }             ],             "list": [],             "options": {               "case_sensitive": false,               "min_length": "integer"             },             "regex": "path.*",             "value": "custom_tag"           }         }       ],       "enabled": false,       "metadata": {         "added_at": "2021-01-01T00:00:00Z",         "added_by": "[email protected]",         "added_by_name": "John Doe",         "modified_at": "2021-01-01T00:00:00Z",         "modified_by": "[email protected]",         "modified_by_name": "John Doe"       },       "name": "Block request from bad useragent",       "path_glob": "/api/search/*",       "scope": [         {           "env": "prod",           "service": "billing-service"         }       ],       "tags": {         "category": "business_logic",         "type": "users.login.success"       }     },     "id": "2857c47d-1e3a-4300-8b2f-dc24089c084b",     "type": "custom_rule"   } }

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Concurrent Modification

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Code Example

                           # Path parameters
export custom_rule_id="3b5-v82-ns6"
# Curl command
curl -X PUT "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/${custom_rule_id}" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \ -d @- << EOF {   "data": {     "type": "custom_rule",     "attributes": {       "blocking": false,       "conditions": [         {           "operator": "match_regex",           "parameters": {             "inputs": [               {                 "address": "server.request.query",                 "key_path": [                   "id"                 ]               }             ],             "regex": "badactor"           }         }       ],       "enabled": false,       "name": "test",       "path_glob": "/test",       "scope": [         {           "env": "test",           "service": "test"         }       ],       "tags": {         "category": "attack_attempt",         "type": "test"       }     }   } } EOF
                         

// Update a WAF Custom Rule returns "OK" response  package main  import ( 	"context" 	"encoding/json" 	"fmt" 	"os"  	"github.com/DataDog/datadog-api-client-go/v2/api/datadog" 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" )  func main() { 	// there is a valid "custom_rule" in the system 	CustomRuleDataID := os.Getenv("CUSTOM_RULE_DATA_ID")  	body := datadogV2.ApplicationSecurityWafCustomRuleUpdateRequest{ 		Data: datadogV2.ApplicationSecurityWafCustomRuleUpdateData{ 			Type: datadogV2.APPLICATIONSECURITYWAFCUSTOMRULETYPE_CUSTOM_RULE, 			Attributes: datadogV2.ApplicationSecurityWafCustomRuleUpdateAttributes{ 				Blocking: false, 				Conditions: []datadogV2.ApplicationSecurityWafCustomRuleCondition{ 					{ 						Operator: datadogV2.APPLICATIONSECURITYWAFCUSTOMRULECONDITIONOPERATOR_MATCH_REGEX, 						Parameters: datadogV2.ApplicationSecurityWafCustomRuleConditionParameters{ 							Inputs: []datadogV2.ApplicationSecurityWafCustomRuleConditionInput{ 								{ 									Address: datadogV2.APPLICATIONSECURITYWAFCUSTOMRULECONDITIONINPUTADDRESS_SERVER_REQUEST_QUERY, 									KeyPath: []string{ 										"id", 									}, 								}, 							}, 							Regex: datadog.PtrString("badactor"), 						}, 					}, 				}, 				Enabled:  false, 				Name:     "test", 				PathGlob: datadog.PtrString("/test"), 				Scope: []datadogV2.ApplicationSecurityWafCustomRuleScope{ 					{ 						Env:     "test", 						Service: "test", 					}, 				}, 				Tags: datadogV2.ApplicationSecurityWafCustomRuleTags{ 					Category: datadogV2.APPLICATIONSECURITYWAFCUSTOMRULETAGSCATEGORY_ATTACK_ATTEMPT, 					Type:     "test", 				}, 			}, 		}, 	} 	ctx := datadog.NewDefaultContext(context.Background()) 	configuration := datadog.NewConfiguration() 	apiClient := datadog.NewAPIClient(configuration) 	api := datadogV2.NewApplicationSecurityApi(apiClient) 	resp, r, err := api.UpdateApplicationSecurityWafCustomRule(ctx, CustomRuleDataID, body)  	if err != nil { 		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.UpdateApplicationSecurityWafCustomRule`: %v\n", err) 		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) 	}  	responseContent, _ := json.MarshalIndent(resp, "", "  ") 	fmt.Fprintf(os.Stdout, "Response from `ApplicationSecurityApi.UpdateApplicationSecurityWafCustomRule`:\n%s\n", responseContent) }

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// Update a WAF Custom Rule returns "OK" response  import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ApplicationSecurityApi; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleCondition; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleConditionInput; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleConditionInputAddress; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleConditionOperator; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleConditionParameters; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleResponse; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleScope; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleTags; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleTagsCategory; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleType; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleUpdateAttributes; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleUpdateData; import com.datadog.api.client.v2.model.ApplicationSecurityWafCustomRuleUpdateRequest; import java.util.Collections;  public class Example {   public static void main(String[] args) {     ApiClient defaultClient = ApiClient.getDefaultApiClient();     ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);      // there is a valid "custom_rule" in the system     String CUSTOM_RULE_DATA_ID = System.getenv("CUSTOM_RULE_DATA_ID");      ApplicationSecurityWafCustomRuleUpdateRequest body =         new ApplicationSecurityWafCustomRuleUpdateRequest()             .data(                 new ApplicationSecurityWafCustomRuleUpdateData()                     .type(ApplicationSecurityWafCustomRuleType.CUSTOM_RULE)                     .attributes(                         new ApplicationSecurityWafCustomRuleUpdateAttributes()                             .blocking(false)                             .conditions(                                 Collections.singletonList(                                     new ApplicationSecurityWafCustomRuleCondition()                                         .operator(                                             ApplicationSecurityWafCustomRuleConditionOperator                                                 .MATCH_REGEX)                                         .parameters(                                             new ApplicationSecurityWafCustomRuleConditionParameters()                                                 .inputs(                                                     Collections.singletonList(                                                         new ApplicationSecurityWafCustomRuleConditionInput()                                                             .address(                                                                 ApplicationSecurityWafCustomRuleConditionInputAddress                                                                     .SERVER_REQUEST_QUERY)                                                             .keyPath(                                                                 Collections.singletonList("id"))))                                                 .regex("badactor"))))                             .enabled(false)                             .name("test")                             .pathGlob("/test")                             .scope(                                 Collections.singletonList(                                     new ApplicationSecurityWafCustomRuleScope()                                         .env("test")                                         .service("test")))                             .tags(                                 new ApplicationSecurityWafCustomRuleTags()                                     .category(                                         ApplicationSecurityWafCustomRuleTagsCategory.ATTACK_ATTEMPT)                                     .type("test"))));      try {       ApplicationSecurityWafCustomRuleResponse result =           apiInstance.updateApplicationSecurityWafCustomRule(CUSTOM_RULE_DATA_ID, body);       System.out.println(result);     } catch (ApiException e) {       System.err.println(           "Exception when calling ApplicationSecurityApi#updateApplicationSecurityWafCustomRule");       System.err.println("Status code: " + e.getCode());       System.err.println("Reason: " + e.getResponseBody());       System.err.println("Response headers: " + e.getResponseHeaders());       e.printStackTrace();     }   } }

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

""" Update a WAF Custom Rule returns "OK" response """  from os import environ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi from datadog_api_client.v2.model.application_security_waf_custom_rule_condition import (     ApplicationSecurityWafCustomRuleCondition, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_input import (     ApplicationSecurityWafCustomRuleConditionInput, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_input_address import (     ApplicationSecurityWafCustomRuleConditionInputAddress, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_operator import (     ApplicationSecurityWafCustomRuleConditionOperator, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_condition_parameters import (     ApplicationSecurityWafCustomRuleConditionParameters, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_scope import ApplicationSecurityWafCustomRuleScope from datadog_api_client.v2.model.application_security_waf_custom_rule_tags import ApplicationSecurityWafCustomRuleTags from datadog_api_client.v2.model.application_security_waf_custom_rule_tags_category import (     ApplicationSecurityWafCustomRuleTagsCategory, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_type import ApplicationSecurityWafCustomRuleType from datadog_api_client.v2.model.application_security_waf_custom_rule_update_attributes import (     ApplicationSecurityWafCustomRuleUpdateAttributes, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_update_data import (     ApplicationSecurityWafCustomRuleUpdateData, ) from datadog_api_client.v2.model.application_security_waf_custom_rule_update_request import (     ApplicationSecurityWafCustomRuleUpdateRequest, )  # there is a valid "custom_rule" in the system CUSTOM_RULE_DATA_ID = environ["CUSTOM_RULE_DATA_ID"]  body = ApplicationSecurityWafCustomRuleUpdateRequest(     data=ApplicationSecurityWafCustomRuleUpdateData(         type=ApplicationSecurityWafCustomRuleType.CUSTOM_RULE,         attributes=ApplicationSecurityWafCustomRuleUpdateAttributes(             blocking=False,             conditions=[                 ApplicationSecurityWafCustomRuleCondition(                     operator=ApplicationSecurityWafCustomRuleConditionOperator.MATCH_REGEX,                     parameters=ApplicationSecurityWafCustomRuleConditionParameters(                         inputs=[                             ApplicationSecurityWafCustomRuleConditionInput(                                 address=ApplicationSecurityWafCustomRuleConditionInputAddress.SERVER_REQUEST_QUERY,                                 key_path=[                                     "id",                                 ],                             ),                         ],                         regex="badactor",                     ),                 ),             ],             enabled=False,             name="test",             path_glob="/test",             scope=[                 ApplicationSecurityWafCustomRuleScope(                     env="test",                     service="test",                 ),             ],             tags=ApplicationSecurityWafCustomRuleTags(                 category=ApplicationSecurityWafCustomRuleTagsCategory.ATTACK_ATTEMPT,                 type="test",             ),         ),     ), )  configuration = Configuration() with ApiClient(configuration) as api_client:     api_instance = ApplicationSecurityApi(api_client)     response = api_instance.update_application_security_waf_custom_rule(custom_rule_id=CUSTOM_RULE_DATA_ID, body=body)      print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# Update a WAF Custom Rule returns "OK" response  require "datadog_api_client" api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new  # there is a valid "custom_rule" in the system CUSTOM_RULE_DATA_ID = ENV["CUSTOM_RULE_DATA_ID"]  body = DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleUpdateRequest.new({   data: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleUpdateData.new({     type: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleType::CUSTOM_RULE,     attributes: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleUpdateAttributes.new({       blocking: false,       conditions: [         DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleCondition.new({           operator: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleConditionOperator::MATCH_REGEX,           parameters: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleConditionParameters.new({             inputs: [               DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleConditionInput.new({                 address: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleConditionInputAddress::SERVER_REQUEST_QUERY,                 key_path: [                   "id",                 ],               }),             ],             regex: "badactor",           }),         }),       ],       enabled: false,       name: "test",       path_glob: "/test",       scope: [         DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleScope.new({           env: "test",           service: "test",         }),       ],       tags: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleTags.new({         category: DatadogAPIClient::V2::ApplicationSecurityWafCustomRuleTagsCategory::ATTACK_ATTEMPT,         type: "test",       }),     }),   }), }) p api_instance.update_application_security_waf_custom_rule(CUSTOM_RULE_DATA_ID, body)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// Update a WAF Custom Rule returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleCondition; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleConditionInput; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleConditionInputAddress; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleConditionOperator; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleConditionParameters; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleScope; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleTags; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleTagsCategory; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleType; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleUpdateAttributes; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleUpdateData; use datadog_api_client::datadogV2::model::ApplicationSecurityWafCustomRuleUpdateRequest; use std::collections::BTreeMap;  #[tokio::main] async fn main() {     // there is a valid "custom_rule" in the system     let custom_rule_data_id = std::env::var("CUSTOM_RULE_DATA_ID").unwrap();     let body =         ApplicationSecurityWafCustomRuleUpdateRequest::new(             ApplicationSecurityWafCustomRuleUpdateData::new(                 ApplicationSecurityWafCustomRuleUpdateAttributes::new(                     false,                     vec![                         ApplicationSecurityWafCustomRuleCondition::new(                             ApplicationSecurityWafCustomRuleConditionOperator::MATCH_REGEX,                             ApplicationSecurityWafCustomRuleConditionParameters::new(                                 vec![                                     ApplicationSecurityWafCustomRuleConditionInput::new(                                         ApplicationSecurityWafCustomRuleConditionInputAddress::SERVER_REQUEST_QUERY,                                     ).key_path(vec!["id".to_string()])                                 ],                             ).regex("badactor".to_string()),                         )                     ],                     false,                     "test".to_string(),                     ApplicationSecurityWafCustomRuleTags::new(                         ApplicationSecurityWafCustomRuleTagsCategory::ATTACK_ATTEMPT,                         "test".to_string(),                     ).additional_properties(BTreeMap::from([])),                 )                     .path_glob("/test".to_string())                     .scope(vec![ApplicationSecurityWafCustomRuleScope::new("test".to_string(), "test".to_string())]),                 ApplicationSecurityWafCustomRuleType::CUSTOM_RULE,             ),         );     let configuration = datadog::Configuration::new();     let api = ApplicationSecurityAPI::with_config(configuration);     let resp = api         .update_application_security_waf_custom_rule(custom_rule_data_id.clone(), body)         .await;     if let Ok(value) = resp {         println!("{:#?}", value);     } else {         println!("{:#?}", resp.unwrap_err());     } }

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**  * Update a WAF Custom Rule returns "OK" response  */  import { client, v2 } from "@datadog/datadog-api-client";  const configuration = client.createConfiguration(); const apiInstance = new v2.ApplicationSecurityApi(configuration);  // there is a valid "custom_rule" in the system const CUSTOM_RULE_DATA_ID = process.env.CUSTOM_RULE_DATA_ID as string;  const params: v2.ApplicationSecurityApiUpdateApplicationSecurityWafCustomRuleRequest =   {     body: {       data: {         type: "custom_rule",         attributes: {           blocking: false,           conditions: [             {               operator: "match_regex",               parameters: {                 inputs: [                   {                     address: "server.request.query",                     keyPath: ["id"],                   },                 ],                 regex: "badactor",               },             },           ],           enabled: false,           name: "test",           pathGlob: "/test",           scope: [             {               env: "test",               service: "test",             },           ],           tags: {             category: "attack_attempt",             type: "test",           },         },       },     },     customRuleId: CUSTOM_RULE_DATA_ID,   };  apiInstance   .updateApplicationSecurityWafCustomRule(params)   .then((data: v2.ApplicationSecurityWafCustomRuleResponse) => {     console.log(       "API called successfully. Returned data: " + JSON.stringify(data)     );   })   .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

Delete a WAF Custom Rule

v2 (latest)

DELETE https://api.ap1.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.ap2.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.datadoghq.eu/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.ddog-gov.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.us3.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id}

Overview

Delete a specific WAF custom rule.

Arguments

Path Parameters

Name

Type

Description

custom_rule_id [required]

string

The ID of the custom rule.

Response

No Content

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Concurrent Modification

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{   "errors": [     "Bad Request"   ] }

Code Example

                   # Path parameters
export custom_rule_id="3b5-v82-ns6"
# Curl command
curl -X DELETE "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/remote_config/products/asm/waf/custom_rules/${custom_rule_id}" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}"
                 

""" Delete a WAF Custom Rule returns "No Content" response """  from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi  configuration = Configuration() with ApiClient(configuration) as api_client:     api_instance = ApplicationSecurityApi(api_client)     api_instance.delete_application_security_waf_custom_rule(         custom_rule_id="custom_rule_id",     )

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"

# Delete a WAF Custom Rule returns "No Content" response  require "datadog_api_client" api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new api_instance.delete_application_security_waf_custom_rule("custom_rule_id")

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"

// Delete a WAF Custom Rule returns "No Content" response  package main  import ( 	"context" 	"fmt" 	"os"  	"github.com/DataDog/datadog-api-client-go/v2/api/datadog" 	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" )  func main() { 	ctx := datadog.NewDefaultContext(context.Background()) 	configuration := datadog.NewConfiguration() 	apiClient := datadog.NewAPIClient(configuration) 	api := datadogV2.NewApplicationSecurityApi(apiClient) 	r, err := api.DeleteApplicationSecurityWafCustomRule(ctx, "custom_rule_id")  	if err != nil { 		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.DeleteApplicationSecurityWafCustomRule`: %v\n", err) 		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) 	} }

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"

// Delete a WAF Custom Rule returns "No Content" response  import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.ApplicationSecurityApi;  public class Example {   public static void main(String[] args) {     ApiClient defaultClient = ApiClient.getDefaultApiClient();     ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);      try {       apiInstance.deleteApplicationSecurityWafCustomRule("custom_rule_id");     } catch (ApiException e) {       System.err.println(           "Exception when calling ApplicationSecurityApi#deleteApplicationSecurityWafCustomRule");       System.err.println("Status code: " + e.getCode());       System.err.println("Reason: " + e.getResponseBody());       System.err.println("Response headers: " + e.getResponseHeaders());       e.printStackTrace();     }   } }

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"

// Delete a WAF Custom Rule returns "No Content" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI;  #[tokio::main] async fn main() {     let configuration = datadog::Configuration::new();     let api = ApplicationSecurityAPI::with_config(configuration);     let resp = api         .delete_application_security_waf_custom_rule("custom_rule_id".to_string())         .await;     if let Ok(value) = resp {         println!("{:#?}", value);     } else {         println!("{:#?}", resp.unwrap_err());     } }

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run

/**  * Delete a WAF Custom Rule returns "No Content" response  */  import { client, v2 } from "@datadog/datadog-api-client";  const configuration = client.createConfiguration(); const apiInstance = new v2.ApplicationSecurityApi(configuration);  const params: v2.ApplicationSecurityApiDeleteApplicationSecurityWafCustomRuleRequest =   {     customRuleId: "custom_rule_id",   };  apiInstance   .deleteApplicationSecurityWafCustomRule(params)   .then((data: any) => {     console.log(       "API called successfully. Returned data: " + JSON.stringify(data)     );   })   .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

     DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"