DataDog
diff --git a/‎.apigentools-info
Lines changed: 4 additions & 4 deletions b/‎.apigentools-info
Lines changed: 4 additions & 4 deletions
diff --git a/‎.generator/schemas/v2/openapi.yaml
Lines changed: 44 additions & 0 deletions b/‎.generator/schemas/v2/openapi.yaml
Lines changed: 44 additions & 0 deletions
diff --git a/‎examples/v2_security-monitoring_CreateSecurityMonitoringRule.rs
Lines changed: 7 additions & 0 deletions b/‎examples/v2_security-monitoring_CreateSecurityMonitoringRule.rs
Lines changed: 7 additions & 0 deletions
diff --git a/‎src/datadogV2/model/mod.rs
Lines changed: 2 additions & 0 deletions b/‎src/datadogV2/model/mod.rs
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/datadogV2/model/model_security_monitoring_reference_table.rs
Lines changed: 177 additions & 0 deletions b/‎src/datadogV2/model/model_security_monitoring_reference_table.rs
Lines changed: 177 additions & 0 deletions
diff --git a/‎src/datadogV2/model/model_security_monitoring_rule_update_payload.rs
Lines changed: 23 additions & 0 deletions b/‎src/datadogV2/model/model_security_monitoring_rule_update_payload.rs
Lines changed: 23 additions & 0 deletions
@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2024-09-30 14:37:40.714287",
-            "spec_repo_commit": "60bc9127"
+            "regenerated": "2024-09-30 19:44:30.949374",
+            "spec_repo_commit": "909e369c"
         },
         "v2": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2024-09-30 14:37:40.728525",
-            "spec_repo_commit": "60bc9127"
+            "regenerated": "2024-09-30 19:44:30.963864",
+            "spec_repo_commit": "909e369c"
         }
     }
 }
@@ -19089,6 +19089,25 @@ components:
         meta:
           $ref: '#/components/schemas/ResponseMetaAttributes'
       type: object
+    SecurityMonitoringReferenceTable:
+      description: Reference table for the rule.
+      properties:
+        checkPresence:
+          description: Whether to include or exclude the matched values.
+          type: boolean
+        columnName:
+          description: The name of the column in the reference table.
+          type: string
+        logFieldPath:
+          description: The field in the log to match against the reference table.
+          type: string
+        ruleQueryName:
+          description: The name of the rule query to apply the reference table to.
+          type: string
+        tableName:
+          description: The name of the reference table.
+          type: string
+      type: object
     SecurityMonitoringRuleCase:
       description: Case when signal is generated.
       properties:
@@ -19594,6 +19613,11 @@ components:
           items:
             $ref: '#/components/schemas/SecurityMonitoringRuleQuery'
           type: array
+        referenceTables:
+          description: Reference tables for the rule.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringReferenceTable'
+          type: array
         tags:
           description: Tags for generated signals.
           items:
@@ -20298,6 +20322,11 @@ components:
           items:
             $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery'
           type: array
+        referenceTables:
+          description: Reference tables for the rule.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringReferenceTable'
+          type: array
         tags:
           description: Tags for generated signals.
           example:
@@ -20365,6 +20394,11 @@ components:
           items:
             $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery'
           type: array
+        referenceTables:
+          description: Reference tables for the rule.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringReferenceTable'
+          type: array
         tags:
           description: Tags for generated signals.
           example:
@@ -20505,6 +20539,11 @@ components:
           items:
             $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery'
           type: array
+        referenceTables:
+          description: Reference tables for the rule.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringReferenceTable'
+          type: array
         tags:
           description: Tags for generated signals.
           items:
@@ -20569,6 +20608,11 @@ components:
           items:
             $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery'
           type: array
+        referenceTables:
+          description: Reference tables for the rule.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringReferenceTable'
+          type: array
         tags:
           description: Tags for generated signals.
           example:
 
@@ -1,6 +1,7 @@
 // Create a detection rule returns "OK" response
 use datadog_api_client::datadog;
 use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;
+use datadog_api_client::datadogV2::model::SecurityMonitoringReferenceTable;
 use datadog_api_client::datadogV2::model::SecurityMonitoringRuleCaseCreate;
 use datadog_api_client::datadogV2::model::SecurityMonitoringRuleCreatePayload;
 use datadog_api_client::datadogV2::model::SecurityMonitoringRuleEvaluationWindow;
@@ -39,6 +40,12 @@ async fn main() {
                     .query("@test:true".to_string())],
             )
             .filters(vec![])
+            .reference_tables(vec![SecurityMonitoringReferenceTable::new()
+                .check_presence(true)
+                .column_name("value".to_string())
+                .log_field_path("testtag".to_string())
+                .rule_query_name("a".to_string())
+                .table_name("synthetics_test_reference_table_dont_delete".to_string())])
             .tags(vec![])
             .type_(SecurityMonitoringRuleTypeCreate::LOG_DETECTION),
         ));
 
@@ -2440,6 +2440,8 @@ pub mod model_security_monitoring_standard_rule_query;
 pub use self::model_security_monitoring_standard_rule_query::SecurityMonitoringStandardRuleQuery;
 pub mod model_security_monitoring_rule_query_aggregation;
 pub use self::model_security_monitoring_rule_query_aggregation::SecurityMonitoringRuleQueryAggregation;
+pub mod model_security_monitoring_reference_table;
+pub use self::model_security_monitoring_reference_table::SecurityMonitoringReferenceTable;
 pub mod model_security_monitoring_third_party_rule_case;
 pub use self::model_security_monitoring_third_party_rule_case::SecurityMonitoringThirdPartyRuleCase;
 pub mod model_security_monitoring_rule_type_read;
 
@@ -0,0 +1,177 @@
+// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+// This product includes software developed at Datadog (https://www.datadoghq.com/).
+// Copyright 2019-Present Datadog, Inc.
+use serde::de::{Error, MapAccess, Visitor};
+use serde::{Deserialize, Deserializer, Serialize};
+use serde_with::skip_serializing_none;
+use std::fmt::{self, Formatter};
+
+/// Reference table for the rule.
+#[non_exhaustive]
+#[skip_serializing_none]
+#[derive(Clone, Debug, PartialEq, Serialize)]
+pub struct SecurityMonitoringReferenceTable {
+    /// Whether to include or exclude the matched values.
+    #[serde(rename = "checkPresence")]
+    pub check_presence: Option<bool>,
+    /// The name of the column in the reference table.
+    #[serde(rename = "columnName")]
+    pub column_name: Option<String>,
+    /// The field in the log to match against the reference table.
+    #[serde(rename = "logFieldPath")]
+    pub log_field_path: Option<String>,
+    /// The name of the rule query to apply the reference table to.
+    #[serde(rename = "ruleQueryName")]
+    pub rule_query_name: Option<String>,
+    /// The name of the reference table.
+    #[serde(rename = "tableName")]
+    pub table_name: Option<String>,
+    #[serde(flatten)]
+    pub additional_properties: std::collections::BTreeMap<String, serde_json::Value>,
+    #[serde(skip)]
+    #[serde(default)]
+    pub(crate) _unparsed: bool,
+}
+
+impl SecurityMonitoringReferenceTable {
+    pub fn new() -> SecurityMonitoringReferenceTable {
+        SecurityMonitoringReferenceTable {
+            check_presence: None,
+            column_name: None,
+            log_field_path: None,
+            rule_query_name: None,
+            table_name: None,
+            additional_properties: std::collections::BTreeMap::new(),
+            _unparsed: false,
+        }
+    }
+
+    pub fn check_presence(mut self, value: bool) -> Self {
+        self.check_presence = Some(value);
+        self
+    }
+
+    pub fn column_name(mut self, value: String) -> Self {
+        self.column_name = Some(value);
+        self
+    }
+
+    pub fn log_field_path(mut self, value: String) -> Self {
+        self.log_field_path = Some(value);
+        self
+    }
+
+    pub fn rule_query_name(mut self, value: String) -> Self {
+        self.rule_query_name = Some(value);
+        self
+    }
+
+    pub fn table_name(mut self, value: String) -> Self {
+        self.table_name = Some(value);
+        self
+    }
+
+    pub fn additional_properties(
+        mut self,
+        value: std::collections::BTreeMap<String, serde_json::Value>,
+    ) -> Self {
+        self.additional_properties = value;
+        self
+    }
+}
+
+impl Default for SecurityMonitoringReferenceTable {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
+impl<'de> Deserialize<'de> for SecurityMonitoringReferenceTable {
+    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+    where
+        D: Deserializer<'de>,
+    {
+        struct SecurityMonitoringReferenceTableVisitor;
+        impl<'a> Visitor<'a> for SecurityMonitoringReferenceTableVisitor {
+            type Value = SecurityMonitoringReferenceTable;
+
+            fn expecting(&self, f: &mut Formatter<'_>) -> fmt::Result {
+                f.write_str("a mapping")
+            }
+
+            fn visit_map<M>(self, mut map: M) -> Result<Self::Value, M::Error>
+            where
+                M: MapAccess<'a>,
+            {
+                let mut check_presence: Option<bool> = None;
+                let mut column_name: Option<String> = None;
+                let mut log_field_path: Option<String> = None;
+                let mut rule_query_name: Option<String> = None;
+                let mut table_name: Option<String> = None;
+                let mut additional_properties: std::collections::BTreeMap<
+                    String,
+                    serde_json::Value,
+                > = std::collections::BTreeMap::new();
+                let mut _unparsed = false;
+
+                while let Some((k, v)) = map.next_entry::<String, serde_json::Value>()? {
+                    match k.as_str() {
+                        "checkPresence" => {
+                            if v.is_null() {
+                                continue;
+                            }
+                            check_presence =
+                                Some(serde_json::from_value(v).map_err(M::Error::custom)?);
+                        }
+                        "columnName" => {
+                            if v.is_null() {
+                                continue;
+                            }
+                            column_name =
+                                Some(serde_json::from_value(v).map_err(M::Error::custom)?);
+                        }
+                        "logFieldPath" => {
+                            if v.is_null() {
+                                continue;
+                            }
+                            log_field_path =
+                                Some(serde_json::from_value(v).map_err(M::Error::custom)?);
+                        }
+                        "ruleQueryName" => {
+                            if v.is_null() {
+                                continue;
+                            }
+                            rule_query_name =
+                                Some(serde_json::from_value(v).map_err(M::Error::custom)?);
+                        }
+                        "tableName" => {
+                            if v.is_null() {
+                                continue;
+                            }
+                            table_name = Some(serde_json::from_value(v).map_err(M::Error::custom)?);
+                        }
+                        &_ => {
+                            if let Ok(value) = serde_json::from_value(v.clone()) {
+                                additional_properties.insert(k, value);
+                            }
+                        }
+                    }
+                }
+
+                let content = SecurityMonitoringReferenceTable {
+                    check_presence,
+                    column_name,
+                    log_field_path,
+                    rule_query_name,
+                    table_name,
+                    additional_properties,
+                    _unparsed,
+                };
+
+                Ok(content)
+            }
+        }
+
+        deserializer.deserialize_any(SecurityMonitoringReferenceTableVisitor)
+    }
+}
@@ -39,6 +39,9 @@ pub struct SecurityMonitoringRuleUpdatePayload {
     /// Queries for selecting logs which are part of the rule.
     #[serde(rename = "queries")]
     pub queries: Option<Vec<crate::datadogV2::model::SecurityMonitoringRuleQuery>>,
+    /// Reference tables for the rule.
+    #[serde(rename = "referenceTables")]
+    pub reference_tables: Option<Vec<crate::datadogV2::model::SecurityMonitoringReferenceTable>>,
     /// Tags for generated signals.
     #[serde(rename = "tags")]
     pub tags: Option<Vec<String>>,
@@ -68,6 +71,7 @@ impl SecurityMonitoringRuleUpdatePayload {
             name: None,
             options: None,
             queries: None,
+            reference_tables: None,
             tags: None,
             third_party_cases: None,
             version: None,
@@ -136,6 +140,14 @@ impl SecurityMonitoringRuleUpdatePayload {
         self
     }
 
+    pub fn reference_tables(
+        mut self,
+        value: Vec<crate::datadogV2::model::SecurityMonitoringReferenceTable>,
+    ) -> Self {
+        self.reference_tables = Some(value);
+        self
+    }
+
     pub fn tags(mut self, value: Vec<String>) -> Self {
         self.tags = Some(value);
         self
@@ -201,6 +213,9 @@ impl<'de> Deserialize<'de> for SecurityMonitoringRuleUpdatePayload {
                     None;
                 let mut queries: Option<Vec<crate::datadogV2::model::SecurityMonitoringRuleQuery>> =
                     None;
+                let mut reference_tables: Option<
+                    Vec<crate::datadogV2::model::SecurityMonitoringReferenceTable>,
+                > = None;
                 let mut tags: Option<Vec<String>> = None;
                 let mut third_party_cases: Option<
                     Vec<crate::datadogV2::model::SecurityMonitoringThirdPartyRuleCase>,
@@ -270,6 +285,13 @@ impl<'de> Deserialize<'de> for SecurityMonitoringRuleUpdatePayload {
                             }
                             queries = Some(serde_json::from_value(v).map_err(M::Error::custom)?);
                         }
+                        "referenceTables" => {
+                            if v.is_null() {
+                                continue;
+                            }
+                            reference_tables =
+                                Some(serde_json::from_value(v).map_err(M::Error::custom)?);
+                        }
                         "tags" => {
                             if v.is_null() {
                                 continue;
@@ -307,6 +329,7 @@ impl<'de> Deserialize<'de> for SecurityMonitoringRuleUpdatePayload {
                     name,
                     options,
                     queries,
+                    reference_tables,
                     tags,
                     third_party_cases,
                     version,
Original file line number	Diff line number	Diff line change
`@@ -4,13 +4,13 @@`
`4`	`4`	`"spec_versions": {`
`5`	`5`	`"v1": {`
`6`	`6`	`"apigentools_version": "1.6.6",`
`7`		`- "regenerated": "2024-09-30 14:37:40.714287",`
`8`		`- "spec_repo_commit": "60bc9127"`
	`7`	`+ "regenerated": "2024-09-30 19:44:30.949374",`
	`8`	`+ "spec_repo_commit": "909e369c"`
`9`	`9`	`},`
`10`	`10`	`"v2": {`
`11`	`11`	`"apigentools_version": "1.6.6",`
`12`		`- "regenerated": "2024-09-30 14:37:40.728525",`
`13`		`- "spec_repo_commit": "60bc9127"`
	`12`	`+ "regenerated": "2024-09-30 19:44:30.963864",`
	`13`	`+ "spec_repo_commit": "909e369c"`
`14`	`14`	`}`
`15`	`15`	`}`
`16`	`16`	`}`