Change the related incidents of a security signal

v2 (latest)

PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/incidentshttps://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/incidentshttps://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id}/incidentshttps://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/incidentshttps://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/incidentshttps://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/incidentshttps://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/incidentshttps://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/incidents

Overview

Change the related incidents for a security signal. This endpoint requires the security_monitoring_signals_write permission.

Arguments

Path Parameters

Name

Type

Description

signal_id [required]

string

The ID of the signal.

Request

Body Data (required)

Attributes describing the signal update.

Expand All

Field

Type

Description

data [required]

object

Data containing the patch for changing the related incidents of a signal.

{
  "data": {
    "attributes": {
      "incident_ids": [
        2066
      ]
    }
  }
}

Response

The response returned after all triage operations, containing the updated signal triage data.

Expand All

Field

Type

Description

data [required]

object

Data containing the updated triage attributes of the signal.

{
  "data": {
    "attributes": {
      "archive_comment": "string",
      "archive_comment_timestamp": "integer",
      "archive_comment_user": {
        "handle": "string",
        "icon": "/path/to/matching/gravatar/icon",
        "id": "integer",
        "name": "string",
        "uuid": "773b045d-ccf8-4808-bd3b-955ef6a8c940"
      },
      "archive_reason": "string",
      "assignee": {
        "handle": "string",
        "icon": "/path/to/matching/gravatar/icon",
        "id": "integer",
        "name": "string",
        "uuid": "773b045d-ccf8-4808-bd3b-955ef6a8c940"
      },
      "incident_ids": [
        2066
      ],
      "state": "open",
      "state_update_timestamp": "integer",
      "state_update_user": {
        "handle": "string",
        "icon": "/path/to/matching/gravatar/icon",
        "id": "integer",
        "name": "string",
        "uuid": "773b045d-ccf8-4808-bd3b-955ef6a8c940"
      }
    },
    "id": "string",
    "type": "signal_metadata"
  }
}

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                          ## default
# 

# Path parameters
export signal_id="CHANGE_ME"
# Curl command
curl -X PATCH "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/${signal_id}/incidents" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "attributes": {
      "incident_ids": [
        2066
      ]
    }
  }
}
EOF

                        

// Change the related incidents of a security signal returns "OK" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	body := datadogV2.SecurityMonitoringSignalIncidentsUpdateRequest{
		Data: datadogV2.SecurityMonitoringSignalIncidentsUpdateData{
			Attributes: datadogV2.SecurityMonitoringSignalIncidentsUpdateAttributes{
				IncidentIds: []int64{
					2066,
				},
			},
		},
	}
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewSecurityMonitoringApi(apiClient)
	resp, r, err := api.EditSecurityMonitoringSignalIncidents(ctx, "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE", body)

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.EditSecurityMonitoringSignalIncidents`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.EditSecurityMonitoringSignalIncidents`:\n%s\n", responseContent)
}

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" go run "main.go"

// Change the related incidents of a security signal returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.SecurityMonitoringApi;
import com.datadog.api.client.v2.model.SecurityMonitoringSignalIncidentsUpdateAttributes;
import com.datadog.api.client.v2.model.SecurityMonitoringSignalIncidentsUpdateData;
import com.datadog.api.client.v2.model.SecurityMonitoringSignalIncidentsUpdateRequest;
import com.datadog.api.client.v2.model.SecurityMonitoringSignalTriageUpdateResponse;
import java.util.Collections;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient);

    SecurityMonitoringSignalIncidentsUpdateRequest body =
        new SecurityMonitoringSignalIncidentsUpdateRequest()
            .data(
                new SecurityMonitoringSignalIncidentsUpdateData()
                    .attributes(
                        new SecurityMonitoringSignalIncidentsUpdateAttributes()
                            .incidentIds(Collections.singletonList(2066L))));

    try {
      SecurityMonitoringSignalTriageUpdateResponse result =
          apiInstance.editSecurityMonitoringSignalIncidents(
              "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE", body);
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println(
          "Exception when calling SecurityMonitoringApi#editSecurityMonitoringSignalIncidents");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" java "Example.java"

"""
Change the related incidents of a security signal returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
from datadog_api_client.v2.model.security_monitoring_signal_incident_ids import SecurityMonitoringSignalIncidentIds
from datadog_api_client.v2.model.security_monitoring_signal_incidents_update_attributes import (
    SecurityMonitoringSignalIncidentsUpdateAttributes,
)
from datadog_api_client.v2.model.security_monitoring_signal_incidents_update_data import (
    SecurityMonitoringSignalIncidentsUpdateData,
)
from datadog_api_client.v2.model.security_monitoring_signal_incidents_update_request import (
    SecurityMonitoringSignalIncidentsUpdateRequest,
)

body = SecurityMonitoringSignalIncidentsUpdateRequest(
    data=SecurityMonitoringSignalIncidentsUpdateData(
        attributes=SecurityMonitoringSignalIncidentsUpdateAttributes(
            incident_ids=SecurityMonitoringSignalIncidentIds(
                [
                    2066,
                ]
            ),
        ),
    ),
)

configuration = Configuration()
with ApiClient(configuration) as api_client:
    api_instance = SecurityMonitoringApi(api_client)
    response = api_instance.edit_security_monitoring_signal_incidents(
        signal_id="AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE", body=body
    )

    print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" python3 "example.py"

# Change the related incidents of a security signal returns "OK" response

require "datadog_api_client"
api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new

body = DatadogAPIClient::V2::SecurityMonitoringSignalIncidentsUpdateRequest.new({
  data: DatadogAPIClient::V2::SecurityMonitoringSignalIncidentsUpdateData.new({
    attributes: DatadogAPIClient::V2::SecurityMonitoringSignalIncidentsUpdateAttributes.new({
      incident_ids: [
        2066,
      ],
    }),
  }),
})
p api_instance.edit_security_monitoring_signal_incidents("AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE", body)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" rb "example.rb"

// Change the related incidents of a security signal returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;
use datadog_api_client::datadogV2::model::SecurityMonitoringSignalIncidentsUpdateAttributes;
use datadog_api_client::datadogV2::model::SecurityMonitoringSignalIncidentsUpdateData;
use datadog_api_client::datadogV2::model::SecurityMonitoringSignalIncidentsUpdateRequest;

#[tokio::main]
async fn main() {
    let body = SecurityMonitoringSignalIncidentsUpdateRequest::new(
        SecurityMonitoringSignalIncidentsUpdateData::new(
            SecurityMonitoringSignalIncidentsUpdateAttributes::new(vec![2066]),
        ),
    );
    let configuration = datadog::Configuration::new();
    let api = SecurityMonitoringAPI::with_config(configuration);
    let resp = api
        .edit_security_monitoring_signal_incidents(
            "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE".to_string(),
            body,
        )
        .await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" cargo run

/**
 * Change the related incidents of a security signal returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
const apiInstance = new v2.SecurityMonitoringApi(configuration);

const params: v2.SecurityMonitoringApiEditSecurityMonitoringSignalIncidentsRequest =
  {
    body: {
      data: {
        attributes: {
          incidentIds: [2066],
        },
      },
    },
    signalId: "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE",
  };

apiInstance
  .editSecurityMonitoringSignalIncidents(params)
  .then((data: v2.SecurityMonitoringSignalTriageUpdateResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

    DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" tsc "example.ts"

Change the related incidents of a security signal

Overview

Arguments

Path Parameters

Request

Body Data (required)

Response

Code Example

Change the related incidents of a security signal returns "OK" response

Change the related incidents of a security signal returns "OK" response

Instructions

Change the related incidents of a security signal returns "OK" response

Instructions

Change the related incidents of a security signal returns "OK" response

Instructions

Change the related incidents of a security signal returns "OK" response

Instructions

Change the related incidents of a security signal returns "OK" response

Instructions

Change the related incidents of a security signal returns "OK" response

Instructions

How can I help you today?