Language

English Français 日本語 한국어 Español

Datadog Site

Site help
US1 US3 US5 EU AP1 AP2 US1-FED US2-FED

Add insights to a case

Note: This endpoint is in preview and is subject to change. If you have any feedback, contact Datadog support.

PUT https://api.ap1.datadoghq.com/api/v2/cases/{case_id}/insightshttps://api.ap2.datadoghq.com/api/v2/cases/{case_id}/insightshttps://api.datadoghq.eu/api/v2/cases/{case_id}/insightshttps://api.ddog-gov.com/api/v2/cases/{case_id}/insightshttps://api.us2.ddog-gov.com/api/v2/cases/{case_id}/insightshttps://api.datadoghq.com/api/v2/cases/{case_id}/insightshttps://api.us3.datadoghq.com/api/v2/cases/{case_id}/insightshttps://api.us5.datadoghq.com/api/v2/cases/{case_id}/insights

Overview

Adds one or more insights to a case. Insights are references to related Datadog resources (such as monitors, security signals, incidents, or error tracking issues) that provide investigative context. Up to 100 insights can be added per request. Each insight requires a type (see CaseInsightType for allowed values), a ref (URL path to the resource), and a resource_id.

OAuth apps require the cases_write authorization scope to access this endpoint.

Arguments

Path Parameters

Name

Type

Description

case_id [required]

string

Case’s UUID or key

Request

Body Data (required)

Case insights request.

Expand All

Field

Type

Description

data [required]

object

Data object containing the insights to add or remove.

attributes [required]

object

Attributes for adding or removing insights from a case.

insights [required]

[object]

Array of insights to add to or remove from a case.

ref [required]

string

The URL path or deep link to the insight resource within Datadog (for example, /monitors/12345?q=total).

resource_id [required]

string

The unique identifier of the referenced Datadog resource (for example, a monitor ID, incident ID, or signal ID).

type [required]

enum

The type of Datadog resource linked to the case as contextual evidence. Each type corresponds to a different Datadog product signal (for example, a security finding, a monitor alert, or an incident). Allowed enum values: SECURITY_SIGNAL,MONITOR,EVENT_CORRELATION,ERROR_TRACKING,CLOUD_COST_RECOMMENDATION,INCIDENT,SENSITIVE_DATA_SCANNER_ISSUE,EVENT,WATCHDOG_STORY,WIDGET

Show 6 more,SECURITY_FINDING,INSIGHT_SCORECARD_CAMPAIGN,RESOURCE_POLICY,APM_RECOMMENDATION,SCM_URL,PROFILING_DOWNSIZING_EXPERIMENT

type [required]

enum

JSON:API resource type for cases. Allowed enum values: case

default: case

{
  "data": {
    "attributes": {
      "insights": [
        {
          "ref": "/monitors/12345?q=total",
          "resource_id": "12345",
          "type": "SECURITY_SIGNAL"
        }
      ]
    },
    "type": "case"
  }
}

Response

OK

Case response

Expand All

Field

Type

Description

data

object

A case

attributes [required]

object

Case resource attributes

archived_at

date-time

Timestamp of when the case was archived

attributes

object

Key-value pairs of case attributes. Each key maps to an array of string values, used for flexible metadata such as labels or tags.

<any-key>

[string]

closed_at

date-time

Timestamp of when the case was closed

created_at

date-time

Timestamp of when the case was created

custom_attributes

object

Case custom attributes

<any-key>

object

A typed value for a custom attribute on a specific case.

is_multi [required]

boolean

If true, value must be an array

type [required]

enum

The data type of the custom attribute, which determines the allowed values and UI input control. Allowed enum values: URL,TEXT,NUMBER,SELECT

value [required]

 <oneOf>

The value of a custom attribute. The accepted format depends on the attribute's type and whether it accepts multiple values.

Option 1

string

A string value for a TEXT, URL, or SELECT-type custom attribute.

Option 2

[string]

An array of string values for a multi-value TEXT, URL, or SELECT-type custom attribute.

Option 3

double

A numeric value for a NUMBER-type custom attribute.

Option 4

[number]

An array of numeric values for a multi-value NUMBER-type custom attribute.

description

string

Description

jira_issue

object

Jira issue attached to case

result

object

Jira issue information

issue_id

string

Jira issue ID

issue_key

string

Jira issue key

issue_url

string

Jira issue URL

project_key

string

Jira project key

status

enum

Case status Allowed enum values: IN_PROGRESS,COMPLETED,FAILED

default: IN_PROGRESS

key

string

Key

modified_at

date-time

Timestamp of when the case was last modified

priority

enum

Case priority Allowed enum values: NOT_DEFINED,P1,P2,P3,P4,P5

default: NOT_DEFINED

service_now_ticket

object

ServiceNow ticket attached to case

result

object

ServiceNow ticket information

sys_target_link

string

Link to the Incident created on ServiceNow

status

enum

Case status Allowed enum values: IN_PROGRESS,COMPLETED,FAILED

default: IN_PROGRESS

status

enum

DEPRECATED: Deprecated way of representing the case status, which only supports OPEN, IN_PROGRESS, and CLOSED statuses. Use status_name instead. Allowed enum values: OPEN,IN_PROGRESS,CLOSED

status_group

enum

Status group of the case. Allowed enum values: SG_OPEN,SG_IN_PROGRESS,SG_CLOSED

status_name

string

Status of the case. Must be one of the existing statuses for the case's type.

title

string

Title

type

enum

DEPRECATED: Case type Allowed enum values: STANDARD

type_id

string

Case type UUID

id [required]

string

Case's identifier

relationships

object

Resources related to a case

assignee

object

Relationship to user.

data [required]

object

Relationship to user object.

id [required]

string

A unique identifier that represents the user.

type [required]

enum

User resource type. Allowed enum values: user

default: user

created_by

object

Relationship to user.

data [required]

object

Relationship to user object.

id [required]

string

A unique identifier that represents the user.

type [required]

enum

User resource type. Allowed enum values: user

default: user

modified_by

object

Relationship to user.

data [required]

object

Relationship to user object.

id [required]

string

A unique identifier that represents the user.

type [required]

enum

User resource type. Allowed enum values: user

default: user

project

object

Relationship to project.

data [required]

object

Relationship to project object.

id [required]

string

A unique identifier that represents the project.

type [required]

enum

Project resource type. Allowed enum values: project

default: project

type [required]

enum

JSON:API resource type for cases. Allowed enum values: case

default: case

{
  "data": {
    "attributes": {
      "archived_at": "2019-09-19T10:00:00.000Z",
      "attributes": {
        "<any-key>": []
      },
      "closed_at": "2019-09-19T10:00:00.000Z",
      "created_at": "2019-09-19T10:00:00.000Z",
      "custom_attributes": {
        "<any-key>": {
          "is_multi": false,
          "type": "NUMBER",
          "value": {
            "description": "",
            "type": ""
          }
        }
      },
      "description": "string",
      "jira_issue": {
        "result": {
          "issue_id": "string",
          "issue_key": "string",
          "issue_url": "string",
          "project_key": "string"
        },
        "status": "COMPLETED"
      },
      "key": "CASEM-4523",
      "modified_at": "2019-09-19T10:00:00.000Z",
      "priority": "NOT_DEFINED",
      "service_now_ticket": {
        "result": {
          "sys_target_link": "string"
        },
        "status": "COMPLETED"
      },
      "status": "OPEN",
      "status_group": "SG_OPEN",
      "status_name": "Open",
      "title": "Memory leak investigation on API",
      "type": "STANDARD",
      "type_id": "3b010bde-09ce-4449-b745-71dd5f861963"
    },
    "id": "aeadc05e-98a8-11ec-ac2c-da7ad0900001",
    "relationships": {
      "assignee": {
        "data": {
          "id": "00000000-0000-0000-0000-000000000000",
          "type": "user"
        }
      },
      "created_by": {
        "data": {
          "id": "00000000-0000-0000-0000-000000000000",
          "type": "user"
        }
      },
      "modified_by": {
        "data": {
          "id": "00000000-0000-0000-0000-000000000000",
          "type": "user"
        }
      },
      "project": {
        "data": {
          "id": "e555e290-ed65-49bd-ae18-8acbfcf18db7",
          "type": "project"
        }
      }
    },
    "type": "case"
  }
}

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Unauthorized

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Forbidden

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  ## default
# 

# Path parameters
export case_id="f98a5a5b-e0ff-45d4-b2f5-afe6e74de504"
# Curl command
curl -X PUT "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/cases/${case_id}/insights" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "attributes": {
      "insights": [
        {
          "ref": "/monitors/12345?q=total",
          "resource_id": "12345",
          "type": "SECURITY_SIGNAL"
        }
      ]
    },
    "type": "case"
  }
}
EOF