Note : This endpoint is in preview and is subject to change.
If you have any feedback, contact Datadog support .
GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/entities https://api.ap2.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/entities https://api.datadoghq.eu/api/v2/security_monitoring/signals/{signal_id}/entities https://api.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/entities https://api.us2.ddog-gov.com/api/v2/security_monitoring/signals/{signal_id}/entities https://api.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/entities https://api.us3.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/entities https://api.us5.datadoghq.com/api/v2/security_monitoring/signals/{signal_id}/entities
Overview Get the list of entities related to a security signal, captured at the signal’s timestamp.
This endpoint requires the security_monitoring_signals_read permission.
OAuth apps require the security_monitoring_signals_read authorization scope to access this endpoint.
Arguments Path Parameters Query Strings The maximum number of entities to return.
Response OK
Response containing entities related to a security signal.
Expand All
Entities related to a security signal.
Attributes containing the entities related to the signal.
The identity entities related to the signal. Each item is a free-form object describing an identity (for example, a user or principal).
The signal ID the entities are associated with.
The type of the resource. The value should always be entities.
Allowed enum values: entities
default: entities
{
"data" : {
"attributes" : {
"identities" : [
[]
]
},
"id" : "AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA" ,
"type" : "entities"
}
} Bad Request
{
"errors" : [
"Bad Request"
]
} Not Authorized
{
"errors" : [
"Bad Request"
]
} Not Found
{
"errors" : [
"Bad Request"
]
} Too many requests
{
"errors" : [
"Bad Request"
]
} Code Example Copy
# Path parameters export signal_id = "CHANGE_ME" # Curl command curl -X GET "https://api.ap1.datadoghq.com "https://api.ap2.datadoghq.com "https://api.datadoghq.eu "https://api.ddog-gov.com "https://api.us2.ddog-gov.com "https://api.datadoghq.com "https://api.us3.datadoghq.com "https://api.us5.datadoghq.com /api/v2/security_monitoring/signals/${signal_id}/entities " \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY} " \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY} " 
