---
title: Attach security findings to a case
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: Docs > API Reference > Security Monitoring
---

# Attach security findings to a case{% #attach-security-findings-to-a-case %}
Copy pageCopied
{% tab title="v2" %}

| Datadog site      | API endpoint                                                                 |
| ----------------- | ---------------------------------------------------------------------------- |
| ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security/findings/cases/{case_id} |
| ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security/findings/cases/{case_id} |
| app.datadoghq.eu  | PATCH https://api.datadoghq.eu/api/v2/security/findings/cases/{case_id}      |
| app.ddog-gov.com  | PATCH https://api.ddog-gov.com/api/v2/security/findings/cases/{case_id}      |
| us2.ddog-gov.com  | PATCH https://api.us2.ddog-gov.com/api/v2/security/findings/cases/{case_id}  |
| app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security/findings/cases/{case_id}     |
| us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security/findings/cases/{case_id} |
| us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security/findings/cases/{case_id} |

### Overview

Attach security findings to a case. You can attach up to 50 security findings per case. Security findings that are already attached to another case will be detached from their previous case and attached to the specified case. This endpoint requires any of the following permissions:
`security_monitoring_findings_write``appsec_vm_write` 


### Arguments

#### Path Parameters

| Name                      | Type   | Description                                                  |
| ------------------------- | ------ | ------------------------------------------------------------ |
| case_id [*required*] | string | Unique identifier of the case to attach security findings to |

### Request

#### Body Data (required)



{% tab title="Model" %}

| Parent field  | Field                      | Type     | Description                                                      |
| ------------- | -------------------------- | -------- | ---------------------------------------------------------------- |
|               | data                       | object   | Data of the case to attach security findings to.                 |
| data          | id [*required*]       | string   | Unique identifier of the case.                                   |
| data          | relationships              | object   | Relationships of the case to attach security findings to.        |
| relationships | findings [*required*] | object   | Security findings to attach to the case.                         |
| findings      | data                       | [object] | Array of security finding data objects.                          |
| data          | id [*required*]       | string   | Unique identifier of the security finding.                       |
| data          | type [*required*]     | enum     | Security findings resource type. Allowed enum values: `findings` |
| data          | type [*required*]     | enum     | Cases resource type. Allowed enum values: `cases`                |

{% /tab %}

{% tab title="Example" %}
##### 

```json
{
  "data": {
    "id": "7d16945b-baf8-411e-ab2a-20fe43af1ea3",
    "relationships": {
      "findings": {
        "data": [
          {
            "id": "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=",
            "type": "findings"
          }
        ]
      }
    },
    "type": "cases"
  }
}
```

##### 

```json
{
  "data": {
    "id": "7d16945b-baf8-411e-ab2a-20fe43af1ea3",
    "relationships": {
      "findings": {
        "data": [
          {
            "id": "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=",
            "type": "findings"
          },
          {
            "id": "MmUzMzZkODQ2YTI3NDU0OTk4NDk3NzhkOTY5YjU2Zjh-YWJjZGI1ODI4OTYzNWM3ZmUwZTBlOWRkYTRiMGUyOGQ=",
            "type": "findings"
          }
        ]
      }
    },
    "type": "cases"
  }
}
```

{% /tab %}

### Response

{% tab title="200" %}
OK
{% tab title="Model" %}
Case response.

| Parent field         | Field                  | Type      | Description                                                                                                                                      |
| -------------------- | ---------------------- | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------ |
|                      | data                   | object    | Data of the case.                                                                                                                                |
| data                 | attributes             | object    | Attributes of the case.                                                                                                                          |
| attributes           | archived_at            | date-time | Timestamp of when the case was archived.                                                                                                         |
| attributes           | assigned_to            | object    | User assigned to the case.                                                                                                                       |
| assigned_to          | data [*required*] | object    | Relationship to user object.                                                                                                                     |
| data                 | id [*required*]   | string    | A unique identifier that represents the user.                                                                                                    |
| data                 | type [*required*] | enum      | Users resource type. Allowed enum values: `users`                                                                                                |
| attributes           | attributes             | object    | Custom attributes associated with the case as key-value pairs where values are string arrays.                                                    |
| additionalProperties | <any-key>              | [string]  |
| attributes           | closed_at              | date-time | Timestamp of when the case was closed.                                                                                                           |
| attributes           | created_at             | date-time | Timestamp of when the case was created.                                                                                                          |
| attributes           | creation_source        | string    | Source of the case creation.                                                                                                                     |
| attributes           | description            | string    | Description of the case.                                                                                                                         |
| attributes           | due_date               | string    | Due date of the case.                                                                                                                            |
| attributes           | insights               | [object]  | Insights of the case.                                                                                                                            |
| insights             | ref                    | string    | Reference of the insight.                                                                                                                        |
| insights             | resource_id            | string    | Unique identifier of the resource. For example, the unique identifier of a security finding.                                                     |
| insights             | type                   | string    | Type of the resource. For example, the type of a security finding is "SECURITY_FINDING".                                                         |
| attributes           | jira_issue             | object    | Jira issue associated with the case.                                                                                                             |
| jira_issue           | error_message          | string    | Error message if the Jira issue creation failed.                                                                                                 |
| jira_issue           | result                 | object    | Result of the Jira issue creation.                                                                                                               |
| result               | account_id             | string    | Account ID of the Jira issue.                                                                                                                    |
| result               | issue_id               | string    | Unique identifier of the Jira issue.                                                                                                             |
| result               | issue_key              | string    | Key of the Jira issue.                                                                                                                           |
| result               | issue_url              | string    | URL of the Jira issue.                                                                                                                           |
| jira_issue           | status                 | string    | Status of the Jira issue creation. Can be "COMPLETED" if the Jira issue was created successfully, or "FAILED" if the Jira issue creation failed. |
| attributes           | key                    | string    | Key of the case.                                                                                                                                 |
| attributes           | modified_at            | date-time | Timestamp of when the case was last modified.                                                                                                    |
| attributes           | priority               | string    | Priority of the case.                                                                                                                            |
| attributes           | servicenow_ticket      | object    | ServiceNow ticket associated with the case.                                                                                                      |
| servicenow_ticket    | result                 | object    | Result of the ServiceNow ticket creation or attachment.                                                                                          |
| result               | instance_name          | string    | ServiceNow instance name extracted from the ticket URL.                                                                                          |
| result               | sys_id                 | string    | Unique identifier of the ServiceNow incident record.                                                                                             |
| result               | sys_target_link        | string    | Direct link to the ServiceNow incident record.                                                                                                   |
| result               | sys_target_sys_id      | string    | Unique identifier of the target ServiceNow record.                                                                                               |
| result               | table_name             | string    | ServiceNow table containing the incident record.                                                                                                 |
| result               | url                    | string    | URL of the ServiceNow incident record.                                                                                                           |
| servicenow_ticket    | status                 | string    | Status of the ServiceNow ticket operation. Can be "COMPLETED" if successful, or "FAILED" if the operation failed.                                |
| attributes           | status                 | string    | Status of the case.                                                                                                                              |
| attributes           | status_group           | string    | Status group of the case.                                                                                                                        |
| attributes           | status_name            | string    | Status name of the case.                                                                                                                         |
| attributes           | title                  | string    | Title of the case.                                                                                                                               |
| attributes           | type                   | string    | Type of the case. For security cases, this is always "SECURITY".                                                                                 |
| data                 | id                     | string    | Unique identifier of the case.                                                                                                                   |
| data                 | relationships          | object    | Relationships of the case.                                                                                                                       |
| relationships        | created_by             | object    | User who created the case.                                                                                                                       |
| created_by           | data [*required*] | object    | Relationship to user object.                                                                                                                     |
| data                 | id [*required*]   | string    | A unique identifier that represents the user.                                                                                                    |
| data                 | type [*required*] | enum      | Users resource type. Allowed enum values: `users`                                                                                                |
| relationships        | modified_by            | object    | User who last modified the case.                                                                                                                 |
| modified_by          | data [*required*] | object    | Relationship to user object.                                                                                                                     |
| data                 | id [*required*]   | string    | A unique identifier that represents the user.                                                                                                    |
| data                 | type [*required*] | enum      | Users resource type. Allowed enum values: `users`                                                                                                |
| relationships        | project                | object    | Project in which the case was created.                                                                                                           |
| project              | data [*required*] | object    | Data object representing a case management project.                                                                                              |
| data                 | id [*required*]   | string    | Unique identifier of the case management project.                                                                                                |
| data                 | type [*required*] | enum      | Projects resource type. Allowed enum values: `projects`                                                                                          |
| data                 | type [*required*] | enum      | Cases resource type. Allowed enum values: `cases`                                                                                                |

{% /tab %}

{% tab title="Example" %}

```json
{
  "data": {
    "attributes": {
      "archived_at": "2025-01-01T00:00:00.000Z",
      "assigned_to": {
        "data": {
          "id": "00000000-0000-0000-2345-000000000000",
          "type": "users"
        }
      },
      "attributes": {
        "<any-key>": []
      },
      "closed_at": "2025-01-01T00:00:00.000Z",
      "created_at": "2025-01-01T00:00:00.000Z",
      "creation_source": "CS_SECURITY_FINDING",
      "description": "A description of the case.",
      "due_date": "2025-01-01",
      "insights": [
        {
          "ref": "/security/appsec/vm/library/vulnerability/dfa027f7c037b2f77159adc027fecb56?detection=static",
          "resource_id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw==",
          "type": "SECURITY_FINDING"
        }
      ],
      "jira_issue": {
        "error_message": "{\"errorMessages\":[\"An error occured.\"],\"errors\":{}}",
        "result": {
          "account_id": "463a8631-680e-455c-bfd3-3ed04d326eb7",
          "issue_id": "2871276",
          "issue_key": "PROJ-123",
          "issue_url": "https://domain.atlassian.net/browse/PROJ-123"
        },
        "status": "COMPLETED"
      },
      "key": "PROJ-123",
      "modified_at": "2025-01-01T00:00:00.000Z",
      "priority": "P4",
      "servicenow_ticket": {
        "result": {
          "instance_name": "example",
          "sys_id": "abcdef0123456789abcdef0123456789",
          "sys_target_link": "https://example.service-now.com/incident.do?sys_id=abcdef0123456789abcdef0123456789",
          "sys_target_sys_id": "abcdef0123456789abcdef0123456789",
          "table_name": "incident",
          "url": "https://example.service-now.com/now/nav/ui/classic/params/target/incident.do?sys_id=abcdef0123456789abcdef0123456789"
        },
        "status": "COMPLETED"
      },
      "status": "OPEN",
      "status_group": "SG_OPEN",
      "status_name": "Open",
      "title": "A title for the case.",
      "type": "SECURITY"
    },
    "id": "c1234567-89ab-cdef-0123-456789abcdef",
    "relationships": {
      "created_by": {
        "data": {
          "id": "00000000-0000-0000-2345-000000000000",
          "type": "users"
        }
      },
      "modified_by": {
        "data": {
          "id": "00000000-0000-0000-2345-000000000000",
          "type": "users"
        }
      },
      "project": {
        "data": {
          "id": "aeadc05e-98a8-11ec-ac2c-da7ad0900001",
          "type": "projects"
        }
      }
    },
    "type": "cases"
  }
}
```

{% /tab %}

{% /tab %}

{% tab title="400" %}
Bad Request
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

{% tab title="404" %}
Not Found
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

{% tab title="429" %}
Too many requests
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

### Code Example

##### 
                          \## default
# 
 \# Path parameters export case_id="CHANGE_ME" \# Curl command curl -X PATCH "https://api.datadoghq.com/api/v2/security/findings/cases/${case_id}" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "id": "c1234567-89ab-cdef-0123-456789abcdef",
    "relationships": {
      "findings": {
        "data": [
          {
            "id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw=="
          }
        ]
      }
    },
    "type": "cases"
  }
}
EOF 
                        
##### 
                          \## default
# 
 \# Path parameters export case_id="CHANGE_ME" \# Curl command curl -X PATCH "https://api.datadoghq.com/api/v2/security/findings/cases/${case_id}" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "id": "c1234567-89ab-cdef-0123-456789abcdef",
    "relationships": {
      "findings": {
        "data": [
          {
            "id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw=="
          }
        ]
      }
    },
    "type": "cases"
  }
}
EOF 
                        
##### 

```go
// Attach security finding to a case returns "OK" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	body := datadogV2.AttachCaseRequest{
		Data: &datadogV2.AttachCaseRequestData{
			Id: "7d16945b-baf8-411e-ab2a-20fe43af1ea3",
			Relationships: &datadogV2.AttachCaseRequestDataRelationships{
				Findings: datadogV2.Findings{
					Data: []datadogV2.FindingData{
						{
							Id:   "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=",
							Type: datadogV2.FINDINGDATATYPE_FINDINGS,
						},
					},
				},
			},
			Type: datadogV2.CASEDATATYPE_CASES,
		},
	}
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewSecurityMonitoringApi(apiClient)
	resp, r, err := api.AttachCase(ctx, "7d16945b-baf8-411e-ab2a-20fe43af1ea3", body)

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.AttachCase`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.AttachCase`:\n%s\n", responseContent)
}
```

##### 

```go
// Attach security findings to a case returns "OK" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	body := datadogV2.AttachCaseRequest{
		Data: &datadogV2.AttachCaseRequestData{
			Id: "7d16945b-baf8-411e-ab2a-20fe43af1ea3",
			Relationships: &datadogV2.AttachCaseRequestDataRelationships{
				Findings: datadogV2.Findings{
					Data: []datadogV2.FindingData{
						{
							Id:   "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=",
							Type: datadogV2.FINDINGDATATYPE_FINDINGS,
						},
						{
							Id:   "MmUzMzZkODQ2YTI3NDU0OTk4NDk3NzhkOTY5YjU2Zjh-YWJjZGI1ODI4OTYzNWM3ZmUwZTBlOWRkYTRiMGUyOGQ=",
							Type: datadogV2.FINDINGDATATYPE_FINDINGS,
						},
					},
				},
			},
			Type: datadogV2.CASEDATATYPE_CASES,
		},
	}
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewSecurityMonitoringApi(apiClient)
	resp, r, err := api.AttachCase(ctx, "7d16945b-baf8-411e-ab2a-20fe43af1ea3", body)

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.AttachCase`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.AttachCase`:\n%s\n", responseContent)
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" go run "main.go"
##### 

```java
// Attach security finding to a case returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.SecurityMonitoringApi;
import com.datadog.api.client.v2.model.AttachCaseRequest;
import com.datadog.api.client.v2.model.AttachCaseRequestData;
import com.datadog.api.client.v2.model.AttachCaseRequestDataRelationships;
import com.datadog.api.client.v2.model.CaseDataType;
import com.datadog.api.client.v2.model.FindingCaseResponse;
import com.datadog.api.client.v2.model.FindingData;
import com.datadog.api.client.v2.model.FindingDataType;
import com.datadog.api.client.v2.model.Findings;
import java.util.Collections;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient);

    AttachCaseRequest body =
        new AttachCaseRequest()
            .data(
                new AttachCaseRequestData()
                    .id("7d16945b-baf8-411e-ab2a-20fe43af1ea3")
                    .relationships(
                        new AttachCaseRequestDataRelationships()
                            .findings(
                                new Findings()
                                    .data(
                                        Collections.singletonList(
                                            new FindingData()
                                                .id(
                                                    "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=")
                                                .type(FindingDataType.FINDINGS)))))
                    .type(CaseDataType.CASES));

    try {
      FindingCaseResponse result =
          apiInstance.attachCase("7d16945b-baf8-411e-ab2a-20fe43af1ea3", body);
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling SecurityMonitoringApi#attachCase");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}
```

##### 

```java
// Attach security findings to a case returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.SecurityMonitoringApi;
import com.datadog.api.client.v2.model.AttachCaseRequest;
import com.datadog.api.client.v2.model.AttachCaseRequestData;
import com.datadog.api.client.v2.model.AttachCaseRequestDataRelationships;
import com.datadog.api.client.v2.model.CaseDataType;
import com.datadog.api.client.v2.model.FindingCaseResponse;
import com.datadog.api.client.v2.model.FindingData;
import com.datadog.api.client.v2.model.FindingDataType;
import com.datadog.api.client.v2.model.Findings;
import java.util.Arrays;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient);

    AttachCaseRequest body =
        new AttachCaseRequest()
            .data(
                new AttachCaseRequestData()
                    .id("7d16945b-baf8-411e-ab2a-20fe43af1ea3")
                    .relationships(
                        new AttachCaseRequestDataRelationships()
                            .findings(
                                new Findings()
                                    .data(
                                        Arrays.asList(
                                            new FindingData()
                                                .id(
                                                    "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=")
                                                .type(FindingDataType.FINDINGS),
                                            new FindingData()
                                                .id(
                                                    "MmUzMzZkODQ2YTI3NDU0OTk4NDk3NzhkOTY5YjU2Zjh-YWJjZGI1ODI4OTYzNWM3ZmUwZTBlOWRkYTRiMGUyOGQ=")
                                                .type(FindingDataType.FINDINGS)))))
                    .type(CaseDataType.CASES));

    try {
      FindingCaseResponse result =
          apiInstance.attachCase("7d16945b-baf8-411e-ab2a-20fe43af1ea3", body);
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling SecurityMonitoringApi#attachCase");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" java "Example.java"
##### 

```python
"""
Attach security finding to a case returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
from datadog_api_client.v2.model.attach_case_request import AttachCaseRequest
from datadog_api_client.v2.model.attach_case_request_data import AttachCaseRequestData
from datadog_api_client.v2.model.attach_case_request_data_relationships import AttachCaseRequestDataRelationships
from datadog_api_client.v2.model.case_data_type import CaseDataType
from datadog_api_client.v2.model.finding_data import FindingData
from datadog_api_client.v2.model.finding_data_type import FindingDataType
from datadog_api_client.v2.model.findings import Findings

body = AttachCaseRequest(
    data=AttachCaseRequestData(
        id="7d16945b-baf8-411e-ab2a-20fe43af1ea3",
        relationships=AttachCaseRequestDataRelationships(
            findings=Findings(
                data=[
                    FindingData(
                        id="ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=",
                        type=FindingDataType.FINDINGS,
                    ),
                ],
            ),
        ),
        type=CaseDataType.CASES,
    ),
)

configuration = Configuration()
with ApiClient(configuration) as api_client:
    api_instance = SecurityMonitoringApi(api_client)
    response = api_instance.attach_case(case_id="7d16945b-baf8-411e-ab2a-20fe43af1ea3", body=body)

    print(response)
```

##### 

```python
"""
Attach security findings to a case returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
from datadog_api_client.v2.model.attach_case_request import AttachCaseRequest
from datadog_api_client.v2.model.attach_case_request_data import AttachCaseRequestData
from datadog_api_client.v2.model.attach_case_request_data_relationships import AttachCaseRequestDataRelationships
from datadog_api_client.v2.model.case_data_type import CaseDataType
from datadog_api_client.v2.model.finding_data import FindingData
from datadog_api_client.v2.model.finding_data_type import FindingDataType
from datadog_api_client.v2.model.findings import Findings

body = AttachCaseRequest(
    data=AttachCaseRequestData(
        id="7d16945b-baf8-411e-ab2a-20fe43af1ea3",
        relationships=AttachCaseRequestDataRelationships(
            findings=Findings(
                data=[
                    FindingData(
                        id="ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=",
                        type=FindingDataType.FINDINGS,
                    ),
                    FindingData(
                        id="MmUzMzZkODQ2YTI3NDU0OTk4NDk3NzhkOTY5YjU2Zjh-YWJjZGI1ODI4OTYzNWM3ZmUwZTBlOWRkYTRiMGUyOGQ=",
                        type=FindingDataType.FINDINGS,
                    ),
                ],
            ),
        ),
        type=CaseDataType.CASES,
    ),
)

configuration = Configuration()
with ApiClient(configuration) as api_client:
    api_instance = SecurityMonitoringApi(api_client)
    response = api_instance.attach_case(case_id="7d16945b-baf8-411e-ab2a-20fe43af1ea3", body=body)

    print(response)
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" python3 "example.py"
##### 

```ruby
# Attach security finding to a case returns "OK" response

require "datadog_api_client"
api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new

body = DatadogAPIClient::V2::AttachCaseRequest.new({
  data: DatadogAPIClient::V2::AttachCaseRequestData.new({
    id: "7d16945b-baf8-411e-ab2a-20fe43af1ea3",
    relationships: DatadogAPIClient::V2::AttachCaseRequestDataRelationships.new({
      findings: DatadogAPIClient::V2::Findings.new({
        data: [
          DatadogAPIClient::V2::FindingData.new({
            id: "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=",
            type: DatadogAPIClient::V2::FindingDataType::FINDINGS,
          }),
        ],
      }),
    }),
    type: DatadogAPIClient::V2::CaseDataType::CASES,
  }),
})
p api_instance.attach_case("7d16945b-baf8-411e-ab2a-20fe43af1ea3", body)
```

##### 

```ruby
# Attach security findings to a case returns "OK" response

require "datadog_api_client"
api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new

body = DatadogAPIClient::V2::AttachCaseRequest.new({
  data: DatadogAPIClient::V2::AttachCaseRequestData.new({
    id: "7d16945b-baf8-411e-ab2a-20fe43af1ea3",
    relationships: DatadogAPIClient::V2::AttachCaseRequestDataRelationships.new({
      findings: DatadogAPIClient::V2::Findings.new({
        data: [
          DatadogAPIClient::V2::FindingData.new({
            id: "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=",
            type: DatadogAPIClient::V2::FindingDataType::FINDINGS,
          }),
          DatadogAPIClient::V2::FindingData.new({
            id: "MmUzMzZkODQ2YTI3NDU0OTk4NDk3NzhkOTY5YjU2Zjh-YWJjZGI1ODI4OTYzNWM3ZmUwZTBlOWRkYTRiMGUyOGQ=",
            type: DatadogAPIClient::V2::FindingDataType::FINDINGS,
          }),
        ],
      }),
    }),
    type: DatadogAPIClient::V2::CaseDataType::CASES,
  }),
})
p api_instance.attach_case("7d16945b-baf8-411e-ab2a-20fe43af1ea3", body)
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" rb "example.rb"
##### 

```rust
// Attach security finding to a case returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;
use datadog_api_client::datadogV2::model::AttachCaseRequest;
use datadog_api_client::datadogV2::model::AttachCaseRequestData;
use datadog_api_client::datadogV2::model::AttachCaseRequestDataRelationships;
use datadog_api_client::datadogV2::model::CaseDataType;
use datadog_api_client::datadogV2::model::FindingData;
use datadog_api_client::datadogV2::model::FindingDataType;
use datadog_api_client::datadogV2::model::Findings;

#[tokio::main]
async fn main() {
    let body =
        AttachCaseRequest
        ::new().data(
            AttachCaseRequestData::new(
                "7d16945b-baf8-411e-ab2a-20fe43af1ea3".to_string(),
                CaseDataType::CASES,
            ).relationships(
                AttachCaseRequestDataRelationships::new(
                    Findings
                    ::new().data(
                        vec![
                            FindingData::new(
                                "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=".to_string(),
                                FindingDataType::FINDINGS,
                            )
                        ],
                    ),
                ),
            ),
        );
    let configuration = datadog::Configuration::new();
    let api = SecurityMonitoringAPI::with_config(configuration);
    let resp = api
        .attach_case("7d16945b-baf8-411e-ab2a-20fe43af1ea3".to_string(), body)
        .await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}
```

##### 

```rust
// Attach security findings to a case returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;
use datadog_api_client::datadogV2::model::AttachCaseRequest;
use datadog_api_client::datadogV2::model::AttachCaseRequestData;
use datadog_api_client::datadogV2::model::AttachCaseRequestDataRelationships;
use datadog_api_client::datadogV2::model::CaseDataType;
use datadog_api_client::datadogV2::model::FindingData;
use datadog_api_client::datadogV2::model::FindingDataType;
use datadog_api_client::datadogV2::model::Findings;

#[tokio::main]
async fn main() {
    let body =
        AttachCaseRequest
        ::new().data(
            AttachCaseRequestData::new(
                "7d16945b-baf8-411e-ab2a-20fe43af1ea3".to_string(),
                CaseDataType::CASES,
            ).relationships(
                AttachCaseRequestDataRelationships::new(
                    Findings
                    ::new().data(
                        vec![
                            FindingData::new(
                                "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=".to_string(),
                                FindingDataType::FINDINGS,
                            ),
                            FindingData::new(
                                "MmUzMzZkODQ2YTI3NDU0OTk4NDk3NzhkOTY5YjU2Zjh-YWJjZGI1ODI4OTYzNWM3ZmUwZTBlOWRkYTRiMGUyOGQ=".to_string(),
                                FindingDataType::FINDINGS,
                            )
                        ],
                    ),
                ),
            ),
        );
    let configuration = datadog::Configuration::new();
    let api = SecurityMonitoringAPI::with_config(configuration);
    let resp = api
        .attach_case("7d16945b-baf8-411e-ab2a-20fe43af1ea3".to_string(), body)
        .await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" cargo run
##### 

```typescript
/**
 * Attach security finding to a case returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
const apiInstance = new v2.SecurityMonitoringApi(configuration);

const params: v2.SecurityMonitoringApiAttachCaseRequest = {
  body: {
    data: {
      id: "7d16945b-baf8-411e-ab2a-20fe43af1ea3",
      relationships: {
        findings: {
          data: [
            {
              id: "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=",
              type: "findings",
            },
          ],
        },
      },
      type: "cases",
    },
  },
  caseId: "7d16945b-baf8-411e-ab2a-20fe43af1ea3",
};

apiInstance
  .attachCase(params)
  .then((data: v2.FindingCaseResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));
```

##### 

```typescript
/**
 * Attach security findings to a case returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
const apiInstance = new v2.SecurityMonitoringApi(configuration);

const params: v2.SecurityMonitoringApiAttachCaseRequest = {
  body: {
    data: {
      id: "7d16945b-baf8-411e-ab2a-20fe43af1ea3",
      relationships: {
        findings: {
          data: [
            {
              id: "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=",
              type: "findings",
            },
            {
              id: "MmUzMzZkODQ2YTI3NDU0OTk4NDk3NzhkOTY5YjU2Zjh-YWJjZGI1ODI4OTYzNWM3ZmUwZTBlOWRkYTRiMGUyOGQ=",
              type: "findings",
            },
          ],
        },
      },
      type: "cases",
    },
  },
  caseId: "7d16945b-baf8-411e-ab2a-20fe43af1ea3",
};

apiInstance
  .attachCase(params)
  .then((data: v2.FindingCaseResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" tsc "example.ts"
{% /tab %}