---
title: Convert a job result to a signal
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: Docs > API Reference > Security Monitoring
---

# Convert a job result to a signal{% #convert-a-job-result-to-a-signal %}
Copy pageCopied
{% tab title="v2" %}
**Note**: This endpoint is in beta and may be subject to changes. Please check the documentation regularly for updates.
| Datadog site      | API endpoint                                                                             |
| ----------------- | ---------------------------------------------------------------------------------------- |
| ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert |
| ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert |
| app.datadoghq.eu  | POST https://api.datadoghq.eu/api/v2/siem-historical-detections/jobs/signal_convert      |
| app.ddog-gov.com  | POST https://api.ddog-gov.com/api/v2/siem-historical-detections/jobs/signal_convert      |
| us2.ddog-gov.com  | POST https://api.us2.ddog-gov.com/api/v2/siem-historical-detections/jobs/signal_convert  |
| app.datadoghq.com | POST https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert     |
| us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert |
| us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert |

### Overview

Convert a job result to a signal. This endpoint requires the `security_monitoring_signals_write` permission.

### Request

#### Body Data (required)



{% tab title="Model" %}

| Parent field | Field                            | Type     | Description                                                                           |
| ------------ | -------------------------------- | -------- | ------------------------------------------------------------------------------------- |
|              | data                             | object   | Data for converting historical job results to signals.                                |
| data         | attributes                       | object   | Attributes for converting historical job results to signals.                          |
| attributes   | jobResultIds [*required*]   | [string] | Job result IDs.                                                                       |
| attributes   | notifications [*required*]  | [string] | Notifications sent.                                                                   |
| attributes   | signalMessage [*required*]  | string   | Message of generated signals.                                                         |
| attributes   | signalSeverity [*required*] | enum     | Severity of the Security Signal. Allowed enum values: `info,low,medium,high,critical` |
| data         | type                             | enum     | Type of payload. Allowed enum values: `historicalDetectionsJobResultSignalConversion` |

{% /tab %}

{% tab title="Example" %}

```json
{
  "data": {
    "attributes": {
      "jobResultIds": [
        ""
      ],
      "notifications": [
        ""
      ],
      "signalMessage": "A large number of failed login attempts.",
      "signalSeverity": "critical"
    },
    "type": "string"
  }
}
```

{% /tab %}

### Response

{% tab title="204" %}
OK
{% /tab %}

{% tab title="400" %}
Bad Request
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

{% tab title="401" %}
Concurrent Modification
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

{% tab title="403" %}
Not Authorized
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

{% tab title="404" %}
Not Found
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

{% tab title="429" %}
Too many requests
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

### Code Example

##### 
                  \## default
# 
 \# Curl command curl -X POST "https://api.datadoghq.com/api/v2/siem-historical-detections/jobs/signal_convert" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "attributes": {
      "jobResultIds": [
        ""
      ],
      "notifications": [
        ""
      ],
      "signalMessage": "A large number of failed login attempts.",
      "signalSeverity": "critical"
    },
    "type": "historicalDetectionsJobResultSignalConversion"
  }
}
EOF 
                
##### 

```python
"""
Convert a job result to a signal returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
from datadog_api_client.v2.model.convert_job_results_to_signals_attributes import ConvertJobResultsToSignalsAttributes
from datadog_api_client.v2.model.convert_job_results_to_signals_data import ConvertJobResultsToSignalsData
from datadog_api_client.v2.model.convert_job_results_to_signals_data_type import ConvertJobResultsToSignalsDataType
from datadog_api_client.v2.model.convert_job_results_to_signals_request import ConvertJobResultsToSignalsRequest
from datadog_api_client.v2.model.security_monitoring_rule_severity import SecurityMonitoringRuleSeverity

body = ConvertJobResultsToSignalsRequest(
    data=ConvertJobResultsToSignalsData(
        attributes=ConvertJobResultsToSignalsAttributes(
            job_result_ids=[
                "",
            ],
            notifications=[
                "",
            ],
            signal_message="A large number of failed login attempts.",
            signal_severity=SecurityMonitoringRuleSeverity.CRITICAL,
        ),
        type=ConvertJobResultsToSignalsDataType.HISTORICALDETECTIONSJOBRESULTSIGNALCONVERSION,
    ),
)

configuration = Configuration()
configuration.unstable_operations["convert_job_result_to_signal"] = True
with ApiClient(configuration) as api_client:
    api_instance = SecurityMonitoringApi(api_client)
    api_instance.convert_job_result_to_signal(body=body)
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"
##### 

```ruby
# Convert a job result to a signal returns "OK" response

require "datadog_api_client"
DatadogAPIClient.configure do |config|
  config.unstable_operations["v2.convert_job_result_to_signal".to_sym] = true
end
api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new

body = DatadogAPIClient::V2::ConvertJobResultsToSignalsRequest.new({
  data: DatadogAPIClient::V2::ConvertJobResultsToSignalsData.new({
    attributes: DatadogAPIClient::V2::ConvertJobResultsToSignalsAttributes.new({
      job_result_ids: [
        "",
      ],
      notifications: [
        "",
      ],
      signal_message: "A large number of failed login attempts.",
      signal_severity: DatadogAPIClient::V2::SecurityMonitoringRuleSeverity::CRITICAL,
    }),
    type: DatadogAPIClient::V2::ConvertJobResultsToSignalsDataType::HISTORICALDETECTIONSJOBRESULTSIGNALCONVERSION,
  }),
})
api_instance.convert_job_result_to_signal(body)
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"
##### 

```go
// Convert a job result to a signal returns "OK" response

package main

import (
	"context"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	body := datadogV2.ConvertJobResultsToSignalsRequest{
		Data: &datadogV2.ConvertJobResultsToSignalsData{
			Attributes: &datadogV2.ConvertJobResultsToSignalsAttributes{
				JobResultIds: []string{
					"",
				},
				Notifications: []string{
					"",
				},
				SignalMessage:  "A large number of failed login attempts.",
				SignalSeverity: datadogV2.SECURITYMONITORINGRULESEVERITY_CRITICAL,
			},
			Type: datadogV2.CONVERTJOBRESULTSTOSIGNALSDATATYPE_HISTORICALDETECTIONSJOBRESULTSIGNALCONVERSION.Ptr(),
		},
	}
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	configuration.SetUnstableOperationEnabled("v2.ConvertJobResultToSignal", true)
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewSecurityMonitoringApi(apiClient)
	r, err := api.ConvertJobResultToSignal(ctx, body)

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.ConvertJobResultToSignal`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"
##### 

```java
// Convert a job result to a signal returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.SecurityMonitoringApi;
import com.datadog.api.client.v2.model.ConvertJobResultsToSignalsAttributes;
import com.datadog.api.client.v2.model.ConvertJobResultsToSignalsData;
import com.datadog.api.client.v2.model.ConvertJobResultsToSignalsDataType;
import com.datadog.api.client.v2.model.ConvertJobResultsToSignalsRequest;
import com.datadog.api.client.v2.model.SecurityMonitoringRuleSeverity;
import java.util.Collections;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    defaultClient.setUnstableOperationEnabled("v2.convertJobResultToSignal", true);
    SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient);

    ConvertJobResultsToSignalsRequest body =
        new ConvertJobResultsToSignalsRequest()
            .data(
                new ConvertJobResultsToSignalsData()
                    .attributes(
                        new ConvertJobResultsToSignalsAttributes()
                            .jobResultIds(Collections.singletonList(""))
                            .notifications(Collections.singletonList(""))
                            .signalMessage("A large number of failed login attempts.")
                            .signalSeverity(SecurityMonitoringRuleSeverity.CRITICAL))
                    .type(
                        ConvertJobResultsToSignalsDataType
                            .HISTORICALDETECTIONSJOBRESULTSIGNALCONVERSION));

    try {
      apiInstance.convertJobResultToSignal(body);
    } catch (ApiException e) {
      System.err.println("Exception when calling SecurityMonitoringApi#convertJobResultToSignal");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"
##### 

```rust
// Convert a job result to a signal returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;
use datadog_api_client::datadogV2::model::ConvertJobResultsToSignalsAttributes;
use datadog_api_client::datadogV2::model::ConvertJobResultsToSignalsData;
use datadog_api_client::datadogV2::model::ConvertJobResultsToSignalsDataType;
use datadog_api_client::datadogV2::model::ConvertJobResultsToSignalsRequest;
use datadog_api_client::datadogV2::model::SecurityMonitoringRuleSeverity;

#[tokio::main]
async fn main() {
    let body = ConvertJobResultsToSignalsRequest::new().data(
        ConvertJobResultsToSignalsData::new()
            .attributes(ConvertJobResultsToSignalsAttributes::new(
                vec!["".to_string()],
                vec!["".to_string()],
                "A large number of failed login attempts.".to_string(),
                SecurityMonitoringRuleSeverity::CRITICAL,
            ))
            .type_(
                ConvertJobResultsToSignalsDataType::HISTORICALDETECTIONSJOBRESULTSIGNALCONVERSION,
            ),
    );
    let mut configuration = datadog::Configuration::new();
    configuration.set_unstable_operation_enabled("v2.ConvertJobResultToSignal", true);
    let api = SecurityMonitoringAPI::with_config(configuration);
    let resp = api.convert_job_result_to_signal(body).await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run
##### 

```typescript
/**
 * Convert a job result to a signal returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
configuration.unstableOperations["v2.convertJobResultToSignal"] = true;
const apiInstance = new v2.SecurityMonitoringApi(configuration);

const params: v2.SecurityMonitoringApiConvertJobResultToSignalRequest = {
  body: {
    data: {
      attributes: {
        jobResultIds: [""],
        notifications: [""],
        signalMessage: "A large number of failed login attempts.",
        signalSeverity: "critical",
      },
      type: "historicalDetectionsJobResultSignalConversion",
    },
  },
};

apiInstance
  .convertJobResultToSignal(params)
  .then((data: any) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"
{% /tab %}