Regenerate client from commit f914b1d of spec repo

ci.datadog-api-spec · ci.datadog-api-spec · commit 8e1ac8b8f1a4 · 2025-12-08T14:13:00.000Z
diff --git a/content/en/api/v2/security-monitoring/examples.json b/content/en/api/v2/security-monitoring/examples.json
diff --git a/content/en/api/v2/security-monitoring/request.CreateSecurityMonitoringRule_3581421091.json b/content/en/api/v2/security-monitoring/request.CreateSecurityMonitoringRule_3581421091.json
@@ -0,0 +1,44 @@
+{
+  "name": "Example-Security-Monitoring",
+  "queries": [
+    {
+      "query": "source:source_here",
+      "groupByFields": [
+        "@userIdentity.assumed_role"
+      ],
+      "distinctFields": [],
+      "metric": "name",
+      "metrics": [
+        "name"
+      ],
+      "aggregation": "new_value",
+      "name": "",
+      "dataSource": "logs"
+    }
+  ],
+  "filters": [],
+  "cases": [
+    {
+      "name": "",
+      "status": "info",
+      "notifications": []
+    }
+  ],
+  "options": {
+    "evaluationWindow": 0,
+    "keepAlive": 300,
+    "maxSignalDuration": 600,
+    "detectionMethod": "new_value",
+    "newValueOptions": {
+      "forgetAfter": 7,
+      "instantaneousBaseline": true,
+      "learningDuration": 1,
+      "learningThreshold": 0,
+      "learningMethod": "duration"
+    }
+  },
+  "message": "Test rule",
+  "tags": [],
+  "isEnabled": true,
+  "type": "log_detection"
+}
diff --git a/content/en/api/v2/security-monitoring/request.ValidateSecurityMonitoringRule_2609327779.json b/content/en/api/v2/security-monitoring/request.ValidateSecurityMonitoringRule_2609327779.json
@@ -0,0 +1,47 @@
+{
+  "cases": [
+    {
+      "name": "",
+      "status": "info",
+      "notifications": []
+    }
+  ],
+  "hasExtendedTitle": true,
+  "isEnabled": true,
+  "message": "My security monitoring rule",
+  "name": "My security monitoring rule",
+  "options": {
+    "evaluationWindow": 0,
+    "keepAlive": 300,
+    "maxSignalDuration": 600,
+    "detectionMethod": "new_value",
+    "newValueOptions": {
+      "forgetAfter": 7,
+      "instantaneousBaseline": true,
+      "learningDuration": 1,
+      "learningThreshold": 0,
+      "learningMethod": "duration"
+    }
+  },
+  "queries": [
+    {
+      "query": "source:source_here",
+      "groupByFields": [
+        "@userIdentity.assumed_role"
+      ],
+      "distinctFields": [],
+      "metric": "name",
+      "metrics": [
+        "name"
+      ],
+      "aggregation": "new_value",
+      "name": "",
+      "dataSource": "logs"
+    }
+  ],
+  "tags": [
+    "env:prod",
+    "team:security"
+  ],
+  "type": "log_detection"
+}
diff --git a/data/api/v2/CodeExamples.json b/data/api/v2/CodeExamples.json
@@ -1527,6 +1527,11 @@
       "suffix": "_461183901",
       "description": "Create a detection rule with type 'impossible_travel' returns \"OK\" response"
     },
+    {
+      "group": "security_monitoring",
+      "suffix": "_3581421091",
+      "description": "Create a detection rule with type 'new_value' with 'instantaneousBaseline' enabled returns \"OK\" response"
+    },
     {
       "group": "security_monitoring",
       "suffix": "_914562040",
@@ -1709,6 +1714,11 @@
       "suffix": "",
       "description": "Validate a detection rule returns \"OK\" response"
     },
+    {
+      "group": "security_monitoring",
+      "suffix": "_2609327779",
+      "description": "Validate a detection rule with detection method 'new_value' with enabled feature 'instantaneousBaseline' returns \"OK\" response"
+    },
     {
       "group": "security_monitoring",
       "suffix": "_4152369508",
diff --git a/data/api/v2/full_spec.yaml b/data/api/v2/full_spec.yaml
@@ -47362,6 +47362,8 @@ components:
       properties:
         forgetAfter:
           $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptionsForgetAfter'
+        instantaneousBaseline:
+          $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptionsInstantaneousBaseline'
         learningDuration:
           $ref: '#/components/schemas/SecurityMonitoringRuleNewValueOptionsLearningDuration'
         learningMethod:
@@ -47387,6 +47389,15 @@ components:
       - TWO_WEEKS
       - THREE_WEEKS
       - FOUR_WEEKS
+    SecurityMonitoringRuleNewValueOptionsInstantaneousBaseline:
+      description: 'If true, every time Datadog learns a new group-by value, it takes
+        old matching values within the learning window and builds the baseline with
+        it.
+
+        Therefore, it attempts to build the baseline swiftly using existing values
+        instead of learning them over time.'
+      example: false
+      type: boolean
     SecurityMonitoringRuleNewValueOptionsLearningDuration:
       default: 0
       description: 'The duration in days during which values are learned, and after
