Chilkat Online Tools

Python / Datadog API Collection / Get a list of security signals

Back to Collection Items

import sys
import chilkat2

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

http = chilkat2.Http()

# Use this online tool to generate code from sample JSON: Generate Code to Create JSON

# The following JSON is sent in the request body.

# {
#   "filter": {
#     "from": "<dateTime>",
#     "query": "<string>",
#     "to": "<dateTime>"
#   },
#   "page": {
#     "cursor": "<string>",
#     "limit": 10
#   },
#   "sort": "timestamp"
# }

json = chilkat2.JsonObject()
json.UpdateString("filter.from","<dateTime>")
json.UpdateString("filter.query","<string>")
json.UpdateString("filter.to","<dateTime>")
json.UpdateString("page.cursor","<string>")
json.UpdateInt("page.limit",10)
json.UpdateString("sort","timestamp")

http.SetRequestHeader("Content-Type","application/json")
http.SetRequestHeader("Accept","application/json")

# resp is a CkHttpResponse
resp = http.PostJson3("https://api.app.ddog-gov.com/api/v2/security_monitoring/signals/search","application/json",json)
if (http.LastMethodSuccess == False):
    print(http.LastErrorText)
    sys.exit()

sbResponseBody = chilkat2.StringBuilder()
resp.GetBodySb(sbResponseBody)

jResp = chilkat2.JsonObject()
jResp.LoadSb(sbResponseBody)
jResp.EmitCompact = False

print("Response Body:")
print(jResp.Emit())

respStatusCode = resp.StatusCode
print("Response Status Code = " + str(respStatusCode))
if (respStatusCode >= 400):
    print("Response Header:")
    print(resp.Header)
    print("Failed.")

    sys.exit()

# Sample JSON response:
# (Sample code for parsing the JSON response is shown below)

# {
#   "data": [
#     {
#       "attributes": {
#         "attributes": {
#           "laboris6b": {},
#           "qui_4_": {},
#           "sintcb": {}
#         },
#         "message": "<string>",
#         "tags": [
#           "<string>",
#           "<string>"
#         ],
#         "timestamp": "<dateTime>"
#       },
#       "id": "<string>",
#       "type": "signal"
#     },
#     {
#       "attributes": {
#         "attributes": {
#           "cillumc": {},
#           "ut_75": {}
#         },
#         "message": "<string>",
#         "tags": [
#           "<string>",
#           "<string>"
#         ],
#         "timestamp": "<dateTime>",
#         "sit5": {}
#       },
#       "id": "<string>",
#       "type": "signal"
#     }
#   ],
#   "links": {
#     "next": "<string>"
#   },
#   "meta": {
#     "page": {
#       "after": "<string>"
#     }
#   }
# }

# Sample code for parsing the JSON response...
# Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code

v_Next = jResp.StringOf("links.next")
After = jResp.StringOf("meta.page.after")
i = 0
count_i = jResp.SizeOfArray("data")
while i < count_i :
    jResp.I = i
    Message = jResp.StringOf("data[i].attributes.message")
    Timestamp = jResp.StringOf("data[i].attributes.timestamp")
    id = jResp.StringOf("data[i].id")
    v_type = jResp.StringOf("data[i].type")
    j = 0
    count_j = jResp.SizeOfArray("data[i].attributes.tags")
    while j < count_j :
        jResp.J = j
        strVal = jResp.StringOf("data[i].attributes.tags[j]")
        j = j + 1

    i = i + 1

Curl Command

curl -X POST
	-H "Content-Type: application/json"
	-H "Accept: application/json"
	-d '{
  "filter": {
    "from": "<dateTime>",
    "query": "<string>",
    "to": "<dateTime>"
  },
  "page": {
    "cursor": "<string>",
    "limit": 10
  },
  "sort": "timestamp"
}'
https://api.app.ddog-gov.com/api/v2/security_monitoring/signals/search

Postman Collection Item JSON

{
  "name": "Get a list of security signals",
  "request": {
    "method": "POST",
    "header": [
      {
        "key": "Content-Type",
        "value": "application/json"
      },
      {
        "key": "Accept",
        "value": "application/json"
      }
    ],
    "body": {
      "mode": "raw",
      "raw": "{\n  \"filter\": {\n    \"from\": \"<dateTime>\",\n    \"query\": \"<string>\",\n    \"to\": \"<dateTime>\"\n  },\n  \"page\": {\n    \"cursor\": \"<string>\",\n    \"limit\": 10\n  },\n  \"sort\": \"timestamp\"\n}",
      "options": {
        "raw": {
          "headerFamily": "json",
          "language": "json"
        }
      }
    },
    "url": {
      "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/search",
      "host": [
        "{{baseUrl}}"
      ],
      "path": [
        "api",
        "v2",
        "security_monitoring",
        "signals",
        "search"
      ]
    },
    "description": "Returns security signals that match a search query.\nBoth this endpoint and the GET endpoint can be used interchangeably for listing\nsecurity signals."
  },
  "response": [
    {
      "name": "OK",
      "originalRequest": {
        "method": "POST",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"filter\": {\n    \"from\": \"<dateTime>\",\n    \"query\": \"<string>\",\n    \"to\": \"<dateTime>\"\n  },\n  \"page\": {\n    \"cursor\": \"<string>\",\n    \"limit\": 10\n  },\n  \"sort\": \"timestamp\"\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/search",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "signals",
            "search"
          ]
        }
      },
      "status": "OK",
      "code": 200,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"data\": [\n    {\n      \"attributes\": {\n        \"attributes\": {\n          \"laboris6b\": {},\n          \"qui_4_\": {},\n          \"sintcb\": {}\n        },\n        \"message\": \"<string>\",\n        \"tags\": [\n          \"<string>\",\n          \"<string>\"\n        ],\n        \"timestamp\": \"<dateTime>\"\n      },\n      \"id\": \"<string>\",\n      \"type\": \"signal\"\n    },\n    {\n      \"attributes\": {\n        \"attributes\": {\n          \"cillumc\": {},\n          \"ut_75\": {}\n        },\n        \"message\": \"<string>\",\n        \"tags\": [\n          \"<string>\",\n          \"<string>\"\n        ],\n        \"timestamp\": \"<dateTime>\",\n        \"sit5\": {}\n      },\n      \"id\": \"<string>\",\n      \"type\": \"signal\"\n    }\n  ],\n  \"links\": {\n    \"next\": \"<string>\"\n  },\n  \"meta\": {\n    \"page\": {\n      \"after\": \"<string>\"\n    }\n  }\n}"
    },
    {
      "name": "Bad Request",
      "originalRequest": {
        "method": "POST",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"filter\": {\n    \"from\": \"<dateTime>\",\n    \"query\": \"<string>\",\n    \"to\": \"<dateTime>\"\n  },\n  \"page\": {\n    \"cursor\": \"<string>\",\n    \"limit\": 10\n  },\n  \"sort\": \"timestamp\"\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/search",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "signals",
            "search"
          ]
        }
      },
      "status": "Bad Request",
      "code": 400,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Not Authorized",
      "originalRequest": {
        "method": "POST",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"filter\": {\n    \"from\": \"<dateTime>\",\n    \"query\": \"<string>\",\n    \"to\": \"<dateTime>\"\n  },\n  \"page\": {\n    \"cursor\": \"<string>\",\n    \"limit\": 10\n  },\n  \"sort\": \"timestamp\"\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/search",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "signals",
            "search"
          ]
        }
      },
      "status": "Forbidden",
      "code": 403,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Too many requests",
      "originalRequest": {
        "method": "POST",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"filter\": {\n    \"from\": \"<dateTime>\",\n    \"query\": \"<string>\",\n    \"to\": \"<dateTime>\"\n  },\n  \"page\": {\n    \"cursor\": \"<string>\",\n    \"limit\": 10\n  },\n  \"sort\": \"timestamp\"\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/search",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "signals",
            "search"
          ]
        }
      },
      "status": "Too Many Requests",
      "code": 429,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    }
  ]
}