Foxpro / Datadog API Collection / Change the triage state of a security signal
Back to Collection Items
LOCAL loHttp
LOCAL lnSuccess
LOCAL loJson
LOCAL loSbRequestBody
LOCAL loResp
LOCAL loSbResponseBody
LOCAL loJResp
LOCAL lnRespStatusCode
LOCAL lcStrVal
LOCAL lcUuid
LOCAL lcHandle
LOCAL lcIcon
LOCAL lcId
LOCAL lcName
LOCAL lcState
LOCAL lcArchive_comment
LOCAL lcArchive_comment_timestamp
LOCAL lcArchive_comment_userUuid
LOCAL lcArchive_comment_userHandle
LOCAL lcArchive_comment_userIcon
LOCAL lcArchive_comment_userId
LOCAL lcArchive_comment_userName
LOCAL lcArchive_reason
LOCAL lcState_update_timestamp
LOCAL lcState_update_userUuid
LOCAL lcState_update_userHandle
LOCAL lcState_update_userIcon
LOCAL lcState_update_userId
LOCAL lcState_update_userName
LOCAL lcDataId
LOCAL lcV_Type
LOCAL i
LOCAL lnCount_i
* This example assumes the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.
loHttp = CreateObject('Chilkat_9_5_0.Http')
* Use this online tool to generate code from sample JSON: Generate Code to Create JSON
* The following JSON is sent in the request body.
* {
* "data": {
* "attributes": {
* "state": "under_review",
* "archive_comment": "<string>",
* "archive_reason": "none",
* "version": "<long>"
* },
* "id": {
* "description": "The unique ID of the security signal."
* },
* "type": "signal_metadata"
* }
* }
loJson = CreateObject('Chilkat_9_5_0.JsonObject')
loJson.UpdateString("data.attributes.state","under_review")
loJson.UpdateString("data.attributes.archive_comment","<string>")
loJson.UpdateString("data.attributes.archive_reason","none")
loJson.UpdateString("data.attributes.version","<long>")
loJson.UpdateString("data.id.description","The unique ID of the security signal.")
loJson.UpdateString("data.type","signal_metadata")
loHttp.SetRequestHeader("Content-Type","application/json")
loHttp.SetRequestHeader("Accept","application/json")
loSbRequestBody = CreateObject('Chilkat_9_5_0.StringBuilder')
loJson.EmitSb(loSbRequestBody)
loResp = loHttp.PTextSb("PATCH","https://api.app.ddog-gov.com/api/v2/security_monitoring/signals/:signal_id/state",loSbRequestBody,"utf-8","application/json",0,0)
IF (loHttp.LastMethodSuccess = 0) THEN
? loHttp.LastErrorText
RELEASE loHttp
RELEASE loJson
RELEASE loSbRequestBody
CANCEL
ENDIF
loSbResponseBody = CreateObject('Chilkat_9_5_0.StringBuilder')
loResp.GetBodySb(loSbResponseBody)
loJResp = CreateObject('Chilkat_9_5_0.JsonObject')
loJResp.LoadSb(loSbResponseBody)
loJResp.EmitCompact = 0
? "Response Body:"
? loJResp.Emit()
lnRespStatusCode = loResp.StatusCode
? "Response Status Code = " + STR(lnRespStatusCode)
IF (lnRespStatusCode >= 400) THEN
? "Response Header:"
? loResp.Header
? "Failed."
RELEASE loResp
RELEASE loHttp
RELEASE loJson
RELEASE loSbRequestBody
RELEASE loSbResponseBody
RELEASE loJResp
CANCEL
ENDIF
RELEASE loResp
* Sample JSON response:
* (Sample code for parsing the JSON response is shown below)
* {
* "data": {
* "attributes": {
* "assignee": {
* "uuid": "<string>",
* "handle": "<string>",
* "icon": "<string>",
* "id": "<long>",
* "name": "<string>"
* },
* "state": "open",
* "incident_ids": [
* "<long>",
* "<long>"
* ],
* "archive_comment": "<string>",
* "archive_comment_timestamp": "<long>",
* "archive_comment_user": {
* "uuid": "<string>",
* "handle": "<string>",
* "icon": "<string>",
* "id": "<long>",
* "name": "<string>"
* },
* "archive_reason": "other",
* "state_update_timestamp": "<long>",
* "state_update_user": {
* "uuid": "<string>",
* "handle": "<string>",
* "icon": "<string>",
* "id": "<long>",
* "name": "<string>"
* }
* },
* "id": "<string>",
* "type": "signal_metadata"
* }
* }
* Sample code for parsing the JSON response...
* Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
lcUuid = loJResp.StringOf("data.attributes.assignee.uuid")
lcHandle = loJResp.StringOf("data.attributes.assignee.handle")
lcIcon = loJResp.StringOf("data.attributes.assignee.icon")
lcId = loJResp.StringOf("data.attributes.assignee.id")
lcName = loJResp.StringOf("data.attributes.assignee.name")
lcState = loJResp.StringOf("data.attributes.state")
lcArchive_comment = loJResp.StringOf("data.attributes.archive_comment")
lcArchive_comment_timestamp = loJResp.StringOf("data.attributes.archive_comment_timestamp")
lcArchive_comment_userUuid = loJResp.StringOf("data.attributes.archive_comment_user.uuid")
lcArchive_comment_userHandle = loJResp.StringOf("data.attributes.archive_comment_user.handle")
lcArchive_comment_userIcon = loJResp.StringOf("data.attributes.archive_comment_user.icon")
lcArchive_comment_userId = loJResp.StringOf("data.attributes.archive_comment_user.id")
lcArchive_comment_userName = loJResp.StringOf("data.attributes.archive_comment_user.name")
lcArchive_reason = loJResp.StringOf("data.attributes.archive_reason")
lcState_update_timestamp = loJResp.StringOf("data.attributes.state_update_timestamp")
lcState_update_userUuid = loJResp.StringOf("data.attributes.state_update_user.uuid")
lcState_update_userHandle = loJResp.StringOf("data.attributes.state_update_user.handle")
lcState_update_userIcon = loJResp.StringOf("data.attributes.state_update_user.icon")
lcState_update_userId = loJResp.StringOf("data.attributes.state_update_user.id")
lcState_update_userName = loJResp.StringOf("data.attributes.state_update_user.name")
lcDataId = loJResp.StringOf("data.id")
lcV_Type = loJResp.StringOf("data.type")
i = 0
lnCount_i = loJResp.SizeOfArray("data.attributes.incident_ids")
DO WHILE i < lnCount_i
loJResp.I = i
lcStrVal = loJResp.StringOf("data.attributes.incident_ids[i]")
i = i + 1
ENDDO
RELEASE loHttp
RELEASE loJson
RELEASE loSbRequestBody
RELEASE loSbResponseBody
RELEASE loJResp
Curl Command
curl -X PATCH
-H "Content-Type: application/json"
-H "Accept: application/json"
-d '{
"data": {
"attributes": {
"state": "under_review",
"archive_comment": "<string>",
"archive_reason": "none",
"version": "<long>"
},
"id": {
"description": "The unique ID of the security signal."
},
"type": "signal_metadata"
}
}'
https://api.app.ddog-gov.com/api/v2/security_monitoring/signals/:signal_id/state
Postman Collection Item JSON
{
"name": "Change the triage state of a security signal",
"request": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id",
"value": "<string>"
}
]
},
"description": "Change the triage state of a security signal."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"data\": {\n \"attributes\": {\n \"assignee\": {\n \"uuid\": \"<string>\",\n \"handle\": \"<string>\",\n \"icon\": \"<string>\",\n \"id\": \"<long>\",\n \"name\": \"<string>\"\n },\n \"state\": \"open\",\n \"incident_ids\": [\n \"<long>\",\n \"<long>\"\n ],\n \"archive_comment\": \"<string>\",\n \"archive_comment_timestamp\": \"<long>\",\n \"archive_comment_user\": {\n \"uuid\": \"<string>\",\n \"handle\": \"<string>\",\n \"icon\": \"<string>\",\n \"id\": \"<long>\",\n \"name\": \"<string>\"\n },\n \"archive_reason\": \"other\",\n \"state_update_timestamp\": \"<long>\",\n \"state_update_user\": {\n \"uuid\": \"<string>\",\n \"handle\": \"<string>\",\n \"icon\": \"<string>\",\n \"id\": \"<long>\",\n \"name\": \"<string>\"\n }\n },\n \"id\": \"<string>\",\n \"type\": \"signal_metadata\"\n }\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Forbidden",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Forbidden",
"code": 403,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Not Found",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Not Found",
"code": 404,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}
