diff --git a/docs/data-sources/security_monitoring_rules.md b/docs/data-sources/security_monitoring_rules.md index 06aaaca49..4e60f0c3c 100644 --- a/docs/data-sources/security_monitoring_rules.md +++ b/docs/data-sources/security_monitoring_rules.md @@ -49,6 +49,7 @@ Read-Only: - `name` (String) - `options` (List of Object) (see [below for nested schema](#nestedobjatt--rules--options)) - `query` (List of Object) (see [below for nested schema](#nestedobjatt--rules--query)) +- `reference_tables` (List of Object) (see [below for nested schema](#nestedobjatt--rules--reference_tables)) - `signal_query` (List of Object) (see [below for nested schema](#nestedobjatt--rules--signal_query)) - `tags` (Set of String) - `third_party_case` (List of Object) (see [below for nested schema](#nestedobjatt--rules--third_party_case)) @@ -152,6 +153,18 @@ Read-Only: + +### Nested Schema for `rules.reference_tables` + +Read-Only: + +- `check_presence` (Boolean) +- `column_name` (String) +- `log_field_path` (String) +- `rule_query_name` (String) +- `table_name` (String) + + ### Nested Schema for `rules.signal_query` diff --git a/docs/resources/security_monitoring_rule.md b/docs/resources/security_monitoring_rule.md index fa4784294..bc791fdcc 100644 --- a/docs/resources/security_monitoring_rule.md +++ b/docs/resources/security_monitoring_rule.md 
@@ -65,6 +65,7 @@ resource "datadog_security_monitoring_rule" "myrule" { - `has_extended_title` (Boolean) Whether the notifications include the triggering group-by values in their title. Defaults to `false`. - `options` (Block List, Max: 1) Options on rules. (see [below for nested schema](#nestedblock--options)) - `query` (Block List) Queries for selecting logs which are part of the rule. (see [below for nested schema](#nestedblock--query)) +- `reference_tables` (Block List) Reference tables for filtering query results. (see [below for nested schema](#nestedblock--reference_tables)) - `signal_query` (Block List) Queries for selecting logs which are part of the rule. (see [below for nested schema](#nestedblock--signal_query)) - `tags` (Set of String) Tags for generated signals. - `third_party_case` (Block List, Max: 10) Cases for generating signals for third-party rules. Only required and accepted for third-party rules (see [below for nested schema](#nestedblock--third_party_case)) @@ -188,6 +189,18 @@ Required: + +### Nested Schema for `reference_tables` + +Required: + +- `check_presence` (Boolean) Whether to include or exclude logs that match the reference table. +- `column_name` (String) The name of the column in the reference table. +- `log_field_path` (String) The field in the log that should be matched against the reference table. +- `rule_query_name` (String) The name of the query to filter. +- `table_name` (String) The name of the reference table. + + ### Nested Schema for `signal_query`
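Review bot: In the `@@ -188,6 +189,18 @@` hunk of docs/resources/security_monitoring_rule.md, the `check_presence` description ("Whether to include or exclude logs that match the reference table.") does not say which Boolean value includes and which excludes. The field is Required and flips the meaning of the filter, so a reader who guesses the polarity wrong ends up with a detection rule that evaluates the opposite set of logs without any error. Suggest rewording it explicitly in terms of `true` and `false`. In the same list, `rule_query_name` ("The name of the query to filter.") could state that it refers to the `name` of one of the rule's `query` blocks, if that is what it must match.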
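Review bot: In the `@@ -65,6 +65,7 @@` hunk of docs/resources/security_monitoring_rule.md, the new `reference_tables` entry is a Block List with no stated maximum, but "Reference tables for filtering query results." does not explain that each block targets one query through `rule_query_name`, or how several blocks are combined when they name the same query. Suggest adding a sentence covering that. None of the visible hunks adds a `reference_tables` block to the `myrule` example, so a short block there would also help readers see the five required arguments used together.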