Skip to content

Update docs for Security Finding API endpoints #3074

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
api-clients-generation-pipeline merged 1 commit into from
Jan 12, 2026
Merged

Update docs for Security Finding API endpoints #3074

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 21 additions & 7 deletions .generator/schemas/v2/openapi.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78107,7 +78107,13 @@ paths:
cursorPath: meta.page.cursor
limitParam: page[limit]
resultsPath: data
x-unstable: '**Note**: This endpoint is in public beta.
x-unstable: '**Note**: This endpoint uses the legacy security findings data
model and is planned for deprecation.

Use the [search security findings endpoint](https://docs.datadoghq.com/api/latest/security-monitoring/#search-security-findings),

which is based on the [new security findings schema](https://docs.datadoghq.com/security/guide/findings-schema/),
to search security findings.

If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
patch:
Expand Down Expand Up @@ -78207,7 +78213,13 @@ paths:
summary: Get a finding
tags:
- Security Monitoring
x-unstable: '**Note**: This endpoint is in public beta.
x-unstable: '**Note**: This endpoint uses the legacy security findings data
model and is planned for deprecation.

Use the [search security findings endpoint](https://docs.datadoghq.com/api/latest/security-monitoring/#search-security-findings),

which is based on the [new security findings schema](https://docs.datadoghq.com/security/guide/findings-schema/),
to search security findings.

If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
/api/v2/powerpacks:
Expand Down Expand Up @@ -82153,15 +82165,16 @@ paths:
- security_monitoring_cws_agent_rules_read
/api/v2/security/findings:
get:
description: 'Get a list of security findings that match a search query.
description: 'Get a list of security findings that match a search query. [See
the schema for security findings](https://docs.datadoghq.com/security/guide/findings-schema/).


### Query Syntax


This endpoint uses the logs query syntax. Findings attributes (living in the
custom. namespace) are prefixed by @ when queried. Tags are queried without
a prefix.
attributes.attributes. namespace) are prefixed by @ when queried. Tags are
queried without a prefix.


Example: `@severity:(critical OR high) @status:open team:platform`'
Expand Down Expand Up @@ -82452,13 +82465,14 @@ paths:
Please check the documentation regularly for updates.'
/api/v2/security/findings/search:
post:
description: 'Get a list of security findings that match a search query.
description: 'Get a list of security findings that match a search query. [See
the schema for security findings](https://docs.datadoghq.com/security/guide/findings-schema/).


### Query Syntax


The API uses the logs query syntax. Findings attributes (living in the custom.
The API uses the logs query syntax. Findings attributes (living in the attributes.attributes.
namespace) are prefixed by @ when queried. Tags are queried without a prefix.


Expand Down
8 changes: 4 additions & 4 deletions src/datadog_api_client/v2/api/security_monitoring_api.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3814,11 +3814,11 @@ def list_security_findings(
) -> ListSecurityFindingsResponse:
"""List security findings.

Get a list of security findings that match a search query.
Get a list of security findings that match a search query. `See the schema for security findings <https://docs.datadoghq.com/security/guide/findings-schema/>`_.

**Query Syntax**

This endpoint uses the logs query syntax. Findings attributes (living in the custom. namespace) are prefixed by @ when queried. Tags are queried without a prefix.
This endpoint uses the logs query syntax. Findings attributes (living in the attributes.attributes. namespace) are prefixed by @ when queried. Tags are queried without a prefix.

Example: ``@severity:(critical OR high) @status:open team:platform``

Expand Down Expand Up @@ -4717,11 +4717,11 @@ def search_security_findings(
) -> ListSecurityFindingsResponse:
"""Search security findings.

Get a list of security findings that match a search query.
Get a list of security findings that match a search query. `See the schema for security findings <https://docs.datadoghq.com/security/guide/findings-schema/>`_.

**Query Syntax**

The API uses the logs query syntax. Findings attributes (living in the custom. namespace) are prefixed by @ when queried. Tags are queried without a prefix.
The API uses the logs query syntax. Findings attributes (living in the attributes.attributes. namespace) are prefixed by @ when queried. Tags are queried without a prefix.

Example: ``@severity:(critical OR high) @status:open team:platform``

Expand Down