No guide on custom rules

Question

No guide on custom rules

Opened this issue 3 years ago · 3 comments

I cannot for the life of me find any documented guide on how to create any custom rules. Does one exist or in the works?

Answer 1 · 2021-05-27T13:45:11.000Z

For the security platform you will find the documentation here.

Answer 2 · 2021-05-27T15:57:31.000Z

Sort of, but nothing about writing runtime security rules.

https://docs.datadoghq.com/fr/security_platform/detection_rules/

Answer 3 · 2021-06-11T22:16:42.000Z

Hello @djtecha,

I have a couple of pieces of documentation that may help you! The first one is the documentation on how agent expressions work, the second one is a guide on writing efficient rules

These are both relatively new additions so I hope they help! If not please let us know, we're actively expanding the set of documentation available for this product.