--- title: Change the triage state of a security signal description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > API Reference > Security Monitoring --- # Change the triage state of a security signal{% #change-the-triage-state-of-a-security-signal %} Copy pageCopied {% tab title="v2" %} | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/state | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/state | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id}/state | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/state | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/state | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/state | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/state | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/state | ### Overview Change the triage state of a security signal. This endpoint requires the `security_monitoring_signals_write` permission. ### Arguments #### Path Parameters | Name | Type | Description | | --------------------------- | ------ | --------------------- | | signal_id [*required*] | string | The ID of the signal. | ### Request #### Body Data (required) Attributes describing the signal update. {% tab title="Model" %} | Parent field | Field | Type | Description | | ------------ | ---------------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | data [*required*] | object | Data containing the patch for changing the state of a signal. | | data | attributes [*required*] | object | Attributes describing the change of state of a security signal. | | attributes | archive_comment | string | Optional comment to display on archived signals. | | attributes | archive_reason | enum | Reason a signal is archived. Allowed enum values: `none,false_positive,testing_or_maintenance,remediated,investigated_case_opened,true_positive_benign,true_positive_malicious,other` | | attributes | state [*required*] | enum | The new triage state of the signal. Allowed enum values: `open,archived,under_review` | | attributes | version | int64 | Version of the updated signal. If server side version is higher, update will be rejected. | | data | id | | The unique ID of the security signal. | | data | type | enum | The type of event. Allowed enum values: `signal_metadata` | {% /tab %} {% tab title="Example" %} ```json { "data": { "attributes": { "archive_reason": "none", "state": "open" } } } ``` {% /tab %} ### Response {% tab title="200" %} OK {% tab title="Model" %} The response returned after all triage operations, containing the updated signal triage data. | Parent field | Field | Type | Description | | -------------------- | ------------------------------ | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | data [*required*] | object | Data containing the updated triage attributes of the signal. | | data | attributes | object | Attributes describing a triage state update operation over a security signal. | | attributes | archive_comment | string | Optional comment to display on archived signals. | | attributes | archive_comment_timestamp | int64 | Timestamp of the last edit to the comment. | | attributes | archive_comment_user | object | Object representing a given user entity. | | archive_comment_user | handle | string | The handle for this user account. | | archive_comment_user | icon | string | Gravatar icon associated to the user. | | archive_comment_user | id | int64 | Numerical ID assigned by Datadog to this user account. | | archive_comment_user | name | string | The name for this user account. | | archive_comment_user | uuid [*required*] | string | UUID assigned by Datadog to this user account. | | attributes | archive_reason | enum | Reason a signal is archived. Allowed enum values: `none,false_positive,testing_or_maintenance,remediated,investigated_case_opened,true_positive_benign,true_positive_malicious,other` | | attributes | assignee [*required*] | object | Object representing a given user entity. | | assignee | handle | string | The handle for this user account. | | assignee | icon | string | Gravatar icon associated to the user. | | assignee | id | int64 | Numerical ID assigned by Datadog to this user account. | | assignee | name | string | The name for this user account. | | assignee | uuid [*required*] | string | UUID assigned by Datadog to this user account. | | attributes | incident_ids [*required*] | [integer] | Array of incidents that are associated with this signal. | | attributes | state [*required*] | enum | The new triage state of the signal. Allowed enum values: `open,archived,under_review` | | attributes | state_update_timestamp | int64 | Timestamp of the last update to the signal state. | | attributes | state_update_user | object | Object representing a given user entity. | | state_update_user | handle | string | The handle for this user account. | | state_update_user | icon | string | Gravatar icon associated to the user. | | state_update_user | id | int64 | Numerical ID assigned by Datadog to this user account. | | state_update_user | name | string | The name for this user account. | | state_update_user | uuid [*required*] | string | UUID assigned by Datadog to this user account. | | data | id | string | The unique ID of the security signal. | | data | type | enum | The type of event. Allowed enum values: `signal_metadata` | {% /tab %} {% tab title="Example" %} ```json { "data": { "attributes": { "archive_comment": "string", "archive_comment_timestamp": "integer", "archive_comment_user": { "handle": "string", "icon": "/path/to/matching/gravatar/icon", "id": "integer", "name": "string", "uuid": "773b045d-ccf8-4808-bd3b-955ef6a8c940" }, "archive_reason": "string", "assignee": { "handle": "string", "icon": "/path/to/matching/gravatar/icon", "id": "integer", "name": "string", "uuid": "773b045d-ccf8-4808-bd3b-955ef6a8c940" }, "incident_ids": [ 2066 ], "state": "open", "state_update_timestamp": "integer", "state_update_user": { "handle": "string", "icon": "/path/to/matching/gravatar/icon", "id": "integer", "name": "string", "uuid": "773b045d-ccf8-4808-bd3b-955ef6a8c940" } }, "id": "string", "type": "signal_metadata" } } ``` {% /tab %} {% /tab %} {% tab title="400" %} Bad Request {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="403" %} Not Authorized {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="404" %} Not Found {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="429" %} Too many requests {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} ### Code Example ##### \## default # \# Path parameters export signal_id="CHANGE_ME" \# Curl command curl -X PATCH "https://api.datadoghq.com/api/v2/security_monitoring/signals/${signal_id}/state" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \ -d @- << EOF { "data": { "attributes": { "archive_reason": "none", "state": "archived" }, "type": "signal_metadata" } } EOF ##### ```go // Change the triage state of a security signal returns "OK" response package main import ( "context" "encoding/json" "fmt" "os" "github.com/DataDog/datadog-api-client-go/v2/api/datadog" "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" ) func main() { body := datadogV2.SecurityMonitoringSignalStateUpdateRequest{ Data: datadogV2.SecurityMonitoringSignalStateUpdateData{ Attributes: datadogV2.SecurityMonitoringSignalStateUpdateAttributes{ ArchiveReason: datadogV2.SECURITYMONITORINGSIGNALARCHIVEREASON_NONE.Ptr(), State: datadogV2.SECURITYMONITORINGSIGNALSTATE_OPEN, }, }, } ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewSecurityMonitoringApi(apiClient) resp, r, err := api.EditSecurityMonitoringSignalState(ctx, "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE", body) if err != nil { fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.EditSecurityMonitoringSignalState`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.EditSecurityMonitoringSignalState`:\n%s\n", responseContent) } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" go run "main.go" ##### ```java // Change the triage state of a security signal returns "OK" response import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.SecurityMonitoringApi; import com.datadog.api.client.v2.model.SecurityMonitoringSignalArchiveReason; import com.datadog.api.client.v2.model.SecurityMonitoringSignalState; import com.datadog.api.client.v2.model.SecurityMonitoringSignalStateUpdateAttributes; import com.datadog.api.client.v2.model.SecurityMonitoringSignalStateUpdateData; import com.datadog.api.client.v2.model.SecurityMonitoringSignalStateUpdateRequest; import com.datadog.api.client.v2.model.SecurityMonitoringSignalTriageUpdateResponse; public class Example { public static void main(String[] args) { ApiClient defaultClient = ApiClient.getDefaultApiClient(); SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient); SecurityMonitoringSignalStateUpdateRequest body = new SecurityMonitoringSignalStateUpdateRequest() .data( new SecurityMonitoringSignalStateUpdateData() .attributes( new SecurityMonitoringSignalStateUpdateAttributes() .archiveReason(SecurityMonitoringSignalArchiveReason.NONE) .state(SecurityMonitoringSignalState.OPEN))); try { SecurityMonitoringSignalTriageUpdateResponse result = apiInstance.editSecurityMonitoringSignalState( "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE", body); System.out.println(result); } catch (ApiException e) { System.err.println( "Exception when calling SecurityMonitoringApi#editSecurityMonitoringSignalState"); System.err.println("Status code: " + e.getCode()); System.err.println("Reason: " + e.getResponseBody()); System.err.println("Response headers: " + e.getResponseHeaders()); e.printStackTrace(); } } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" java "Example.java" ##### ```python """ Change the triage state of a security signal returns "OK" response """ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi from datadog_api_client.v2.model.security_monitoring_signal_archive_reason import SecurityMonitoringSignalArchiveReason from datadog_api_client.v2.model.security_monitoring_signal_state import SecurityMonitoringSignalState from datadog_api_client.v2.model.security_monitoring_signal_state_update_attributes import ( SecurityMonitoringSignalStateUpdateAttributes, ) from datadog_api_client.v2.model.security_monitoring_signal_state_update_data import ( SecurityMonitoringSignalStateUpdateData, ) from datadog_api_client.v2.model.security_monitoring_signal_state_update_request import ( SecurityMonitoringSignalStateUpdateRequest, ) body = SecurityMonitoringSignalStateUpdateRequest( data=SecurityMonitoringSignalStateUpdateData( attributes=SecurityMonitoringSignalStateUpdateAttributes( archive_reason=SecurityMonitoringSignalArchiveReason.NONE, state=SecurityMonitoringSignalState.OPEN, ), ), ) configuration = Configuration() with ApiClient(configuration) as api_client: api_instance = SecurityMonitoringApi(api_client) response = api_instance.edit_security_monitoring_signal_state( signal_id="AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE", body=body ) print(response) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" python3 "example.py" ##### ```ruby # Change the triage state of a security signal returns "OK" response require "datadog_api_client" api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new body = DatadogAPIClient::V2::SecurityMonitoringSignalStateUpdateRequest.new({ data: DatadogAPIClient::V2::SecurityMonitoringSignalStateUpdateData.new({ attributes: DatadogAPIClient::V2::SecurityMonitoringSignalStateUpdateAttributes.new({ archive_reason: DatadogAPIClient::V2::SecurityMonitoringSignalArchiveReason::NONE, state: DatadogAPIClient::V2::SecurityMonitoringSignalState::OPEN, }), }), }) p api_instance.edit_security_monitoring_signal_state("AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE", body) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" rb "example.rb" ##### ```rust // Change the triage state of a security signal returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI; use datadog_api_client::datadogV2::model::SecurityMonitoringSignalArchiveReason; use datadog_api_client::datadogV2::model::SecurityMonitoringSignalState; use datadog_api_client::datadogV2::model::SecurityMonitoringSignalStateUpdateAttributes; use datadog_api_client::datadogV2::model::SecurityMonitoringSignalStateUpdateData; use datadog_api_client::datadogV2::model::SecurityMonitoringSignalStateUpdateRequest; #[tokio::main] async fn main() { let body = SecurityMonitoringSignalStateUpdateRequest::new( SecurityMonitoringSignalStateUpdateData::new( SecurityMonitoringSignalStateUpdateAttributes::new(SecurityMonitoringSignalState::OPEN) .archive_reason(SecurityMonitoringSignalArchiveReason::NONE), ), ); let configuration = datadog::Configuration::new(); let api = SecurityMonitoringAPI::with_config(configuration); let resp = api .edit_security_monitoring_signal_state( "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE".to_string(), body, ) .await; if let Ok(value) = resp { println!("{:#?}", value); } else { println!("{:#?}", resp.unwrap_err()); } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" cargo run ##### ```typescript /** * Change the triage state of a security signal returns "OK" response */ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); const apiInstance = new v2.SecurityMonitoringApi(configuration); const params: v2.SecurityMonitoringApiEditSecurityMonitoringSignalStateRequest = { body: { data: { attributes: { archiveReason: "none", state: "open", }, }, }, signalId: "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE", }; apiInstance .editSecurityMonitoringSignalState(params) .then((data: v2.SecurityMonitoringSignalTriageUpdateResponse) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) ); }) .catch((error: any) => console.error(error)); ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" tsc "example.ts" {% /tab %} {% tab title="v1" %} | Datadog site | API endpoint | | ----------------- | --------------------------------------------------------------------------------------- | | ap1.datadoghq.com | PATCH https://api.ap1.datadoghq.com/api/v1/security_analytics/signals/{signal_id}/state | | ap2.datadoghq.com | PATCH https://api.ap2.datadoghq.com/api/v1/security_analytics/signals/{signal_id}/state | | app.datadoghq.eu | PATCH https://api.datadoghq.eu/api/v1/security_analytics/signals/{signal_id}/state | | app.ddog-gov.com | PATCH https://api.ddog-gov.com/api/v1/security_analytics/signals/{signal_id}/state | | us2.ddog-gov.com | PATCH https://api.us2.ddog-gov.com/api/v1/security_analytics/signals/{signal_id}/state | | app.datadoghq.com | PATCH https://api.datadoghq.com/api/v1/security_analytics/signals/{signal_id}/state | | us3.datadoghq.com | PATCH https://api.us3.datadoghq.com/api/v1/security_analytics/signals/{signal_id}/state | | us5.datadoghq.com | PATCH https://api.us5.datadoghq.com/api/v1/security_analytics/signals/{signal_id}/state | ### Overview This endpoint is deprecated - Change the triage state of a security signal. This endpoint requires the `security_monitoring_signals_write` permission. ### Arguments #### Path Parameters | Name | Type | Description | | --------------------------- | ------ | --------------------- | | signal_id [*required*] | string | The ID of the signal. | ### Request #### Body Data (required) Attributes describing the signal update. {% tab title="Model" %} | Field | Type | Description | | ----------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | archiveComment | string | Optional comment to explain why a signal is being archived. | | archiveReason | enum | Reason why a signal has been archived. Allowed enum values: `none,false_positive,testing_or_maintenance,investigated_case_opened,true_positive_benign,true_positive_malicious,other` | | state [*required*] | enum | The new triage state of the signal. Allowed enum values: `open,archived,under_review` | | version | int64 | Version of the updated signal. If server side version is higher, update will be rejected. | {% /tab %} {% tab title="Example" %} ```json { "archiveReason": "none", "state": "open" } ``` {% /tab %} ### Response {% tab title="200" %} OK {% tab title="Model" %} Updated signal data following a successfully performed update. | Field | Type | Description | | ------ | ------ | ----------------------- | | status | string | Status of the response. | {% /tab %} {% tab title="Example" %} ```json { "status": "string" } ``` {% /tab %} {% /tab %} {% tab title="400" %} Bad Request {% tab title="Model" %} Error response object. | Field | Type | Description | | ------------------------ | -------- | ------------------------------------ | | errors [*required*] | [string] | Array of errors returned by the API. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="403" %} Forbidden {% tab title="Model" %} Error response object. | Field | Type | Description | | ------------------------ | -------- | ------------------------------------ | | errors [*required*] | [string] | Array of errors returned by the API. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="404" %} Not Found {% tab title="Model" %} Error response object. | Field | Type | Description | | ------------------------ | -------- | ------------------------------------ | | errors [*required*] | [string] | Array of errors returned by the API. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="429" %} Too many requests {% tab title="Model" %} Error response object. | Field | Type | Description | | ------------------------ | -------- | ------------------------------------ | | errors [*required*] | [string] | Array of errors returned by the API. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} ### Code Example ##### \## default # \# Path parameters export signal_id="CHANGE_ME" \# Curl command curl -X PATCH "https://api.datadoghq.com/api/v1/security_analytics/signals/${signal_id}/state" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \ -d @- << EOF { "archiveReason": "none", "state": "open", "version": 0 } EOF ##### ```go // Change the triage state of a security signal returns "OK" response package main import ( "context" "encoding/json" "fmt" "os" "github.com/DataDog/datadog-api-client-go/v2/api/datadog" "github.com/DataDog/datadog-api-client-go/v2/api/datadogV1" ) func main() { body := datadogV1.SignalStateUpdateRequest{ ArchiveReason: datadogV1.SIGNALARCHIVEREASON_NONE.Ptr(), State: datadogV1.SIGNALTRIAGESTATE_OPEN, } ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() apiClient := datadog.NewAPIClient(configuration) api := datadogV1.NewSecurityMonitoringApi(apiClient) resp, r, err := api.EditSecurityMonitoringSignalState(ctx, "AQAAAYDiB_Ol8PbzFAAAAABBWURpQl9PbEFBQU0yeXhGTG9ZV2JnQUE", body) if err != nil { fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.EditSecurityMonitoringSignalState`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.EditSecurityMonitoringSignalState`:\n%s\n", responseContent) } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" go run "main.go" ##### ```java // Change the triage state of a security signal returns "OK" response import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v1.api.SecurityMonitoringApi; import com.datadog.api.client.v1.model.SignalArchiveReason; import com.datadog.api.client.v1.model.SignalStateUpdateRequest; import com.datadog.api.client.v1.model.SignalTriageState; import com.datadog.api.client.v1.model.SuccessfulSignalUpdateResponse; public class Example { public static void main(String[] args) { ApiClient defaultClient = ApiClient.getDefaultApiClient(); SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient); SignalStateUpdateRequest body = new SignalStateUpdateRequest() .archiveReason(SignalArchiveReason.NONE) .state(SignalTriageState.OPEN); try { SuccessfulSignalUpdateResponse result = apiInstance.editSecurityMonitoringSignalState( "AQAAAYDiB_Ol8PbzFAAAAABBWURpQl9PbEFBQU0yeXhGTG9ZV2JnQUE", body); System.out.println(result); } catch (ApiException e) { System.err.println( "Exception when calling SecurityMonitoringApi#editSecurityMonitoringSignalState"); System.err.println("Status code: " + e.getCode()); System.err.println("Reason: " + e.getResponseBody()); System.err.println("Response headers: " + e.getResponseHeaders()); e.printStackTrace(); } } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" java "Example.java" ##### ```python """ Change the triage state of a security signal returns "OK" response """ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v1.api.security_monitoring_api import SecurityMonitoringApi from datadog_api_client.v1.model.signal_archive_reason import SignalArchiveReason from datadog_api_client.v1.model.signal_state_update_request import SignalStateUpdateRequest from datadog_api_client.v1.model.signal_triage_state import SignalTriageState body = SignalStateUpdateRequest( archive_reason=SignalArchiveReason.NONE, state=SignalTriageState.OPEN, ) configuration = Configuration() with ApiClient(configuration) as api_client: api_instance = SecurityMonitoringApi(api_client) response = api_instance.edit_security_monitoring_signal_state( signal_id="AQAAAYDiB_Ol8PbzFAAAAABBWURpQl9PbEFBQU0yeXhGTG9ZV2JnQUE", body=body ) print(response) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" python3 "example.py" ##### ```ruby # Change the triage state of a security signal returns "OK" response require "datadog_api_client" api_instance = DatadogAPIClient::V1::SecurityMonitoringAPI.new body = DatadogAPIClient::V1::SignalStateUpdateRequest.new({ archive_reason: DatadogAPIClient::V1::SignalArchiveReason::NONE, state: DatadogAPIClient::V1::SignalTriageState::OPEN, }) p api_instance.edit_security_monitoring_signal_state("AQAAAYDiB_Ol8PbzFAAAAABBWURpQl9PbEFBQU0yeXhGTG9ZV2JnQUE", body) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" rb "example.rb" ##### ```rust // Change the triage state of a security signal returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV1::api_security_monitoring::SecurityMonitoringAPI; use datadog_api_client::datadogV1::model::SignalArchiveReason; use datadog_api_client::datadogV1::model::SignalStateUpdateRequest; use datadog_api_client::datadogV1::model::SignalTriageState; #[tokio::main] async fn main() { let body = SignalStateUpdateRequest::new(SignalTriageState::OPEN) .archive_reason(SignalArchiveReason::NONE); let configuration = datadog::Configuration::new(); let api = SecurityMonitoringAPI::with_config(configuration); let resp = api .edit_security_monitoring_signal_state( "AQAAAYDiB_Ol8PbzFAAAAABBWURpQl9PbEFBQU0yeXhGTG9ZV2JnQUE".to_string(), body, ) .await; if let Ok(value) = resp { println!("{:#?}", value); } else { println!("{:#?}", resp.unwrap_err()); } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" cargo run ##### ```typescript /** * Change the triage state of a security signal returns "OK" response */ import { client, v1 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); const apiInstance = new v1.SecurityMonitoringApi(configuration); const params: v1.SecurityMonitoringApiEditSecurityMonitoringSignalStateRequest = { body: { archiveReason: "none", state: "open", }, signalId: "AQAAAYDiB_Ol8PbzFAAAAABBWURpQl9PbEFBQU0yeXhGTG9ZV2JnQUE", }; apiInstance .editSecurityMonitoringSignalState(params) .then((data: v1.SuccessfulSignalUpdateResponse) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) ); }) .catch((error: any) => console.error(error)); ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" tsc "example.ts" {% /tab %}